在php中为openssl_pkcs7_sign创建证书

时间:2013-03-06 02:34:14

标签: php openssl

关于在php中使用pkcs7签署电子邮件的文档,我必须使用先前生成的证书。

在openssl中为此示例准确生成必要文件的命令是什么? http://www.php.net/manual/it/function.openssl-pkcs7-sign.php

<?php
// the message you want to sign so that recipient can be sure it was you that
// sent it
$data = <<<EOD

You have my authorization to spend $10,000 on dinner expenses.

The CEO
EOD;
// save message to file
$fp = fopen("msg.txt", "w");
fwrite($fp, $data);
fclose($fp);
// encrypt it
if (openssl_pkcs7_sign("msg.txt", "signed.txt", "mycert.pem",
    array("file://mycert.pem", "mypassphrase"),
    array("To" => "joes@example.com", // keyed syntax
          "From: HQ <ceo@example.com>", // indexed syntax
          "Subject" => "Eyes only")
    )) {
    // message signed - send it!
    exec(ini_get("sendmail_path") . " < signed.txt");
}
?>

提前感谢您的帮助。

编辑1:

$prepend = "file:/";
openssl_pkcs7_sign($prepend . realpath(dirname(__FILE__)) . "/text.txt",
$prepend . realpath(dirname(__FILE__)) . "/enc.txt",
$prepend . realpath(dirname(__FILE__)) . "/selfcert.pem",
array($prepend . realpath(dirname(__FILE__)) . "/enc_key.pem", "123456"),
$headers);

我使用命令

生成了cert文件
openssl req -x509 -days 365 -newkey rsa:1024 -keyout enc_key.pem -out selfcert.pem

仍然收到错误:

警告:openssl_pkcs7_sign():错误获取私钥...

编辑2:添加了前置

也许它与“预付款”有关?我真的不确定问题是在文件检索中还是在密钥本身中。

1 个答案:

答案 0 :(得分:4)

我自己解决了。问题是正确检索密钥。 所以每个人都会遇到这个问题:

$prepend = "file://";
openssl_pkcs7_sign(realpath(dirname(__FILE__)) . "/text.txt",
        realpath(dirname(__FILE__)) . "/enc.txt",
        $prepend . realpath(dirname(__FILE__)) ."/selfcert.pem",
        array($prepend . realpath(dirname(__FILE__)) ."/enc_key.pem", "123456"), $headers);