Question

我知道这是一个回归问题，但（据我所知）所有建议的解决方案都没有解决我的问题 - 所以我希望我从“知道......的人那里得到一些额外的信息”

设定：我在Windows Server 2012环境中运行Apache 2.4 with PHP 7.0.7和OpenSSL 1.0.2h（所有三个64位版本）。

当我尝试调用PHP openssl_pkey_new函数时，我得到那些“系统库：fopen：没有这样的进程”错误。大多数重新指向指向：“确保openssl找到其配置文件”。但在我的情况下，我觉得实际上就是这种情况（见下面的消息）：

使用配置数组调用函数时没有“config”选项，我得到两组“无此处理”错误消息和“bool（false）”结果。
当使用相应的“config”选项调用函数时，我只得到一组“没有这样的进程”错误消息和一个“Openssl KEY”资源作为结果。

因此我认为实际找到了配置文件，但配置文件中有些错误。

但是我找不到足够的帮助来解决如何在配置文件中记下错误 - 这就是我需要任何指导的地方......

调用openssl_pkey_new之前的错误

如果没有显示此行以上的错误，则表示没有！用于openssl_pkey_new函数的Config-Array 排列（ [digest_alg] =＆gt; SHA512 [private_key_bits] =＆gt; 4096 [private_key_type] =＆gt; 0 ）

调用openssl_pkey_new - 使用config-array但没有CONFIG！

bool(false)

调用openssl_pkey_new后的错误

string(51) "error:02001003:system library:fopen:No such process"
string(53) "error:2006D080:BIO routines:BIO_new_file:no such file"
string(63) "error:0E064002:configuration file routines:CONF_load:system lib"
string(51) "error:02001003:system library:fopen:No such process"
string(53) "error:2006D080:BIO routines:BIO_new_file:no such file"
string(63) "error:0E064002:configuration file routines:CONF_load:system lib"

调用openssl_pkey_new - 使用config-array包括CONFIG！

Array
(
[digest_alg] => sha512
[private_key_bits] => 4096
[private_key_type] => 0
[config] => C:\Webserver\OpenSSL\openssl.cfg
)

类型的资源（4）（OpenSSL密钥）

调用openssl_pkey_new后的错误

string(51) "error:02001003:system library:fopen:No such process"
string(53) "error:2006D080:BIO routines:BIO_new_file:no such file"
string(63) "error:0E064002:configuration file routines:CONF_load:system lib"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"
string(68) "error:0E06D06C:configuration file routines:NCONF_get_string:no value"

配置文件如下......

配置文件“C：\ Webserver \ OpenSSL \ openssl.cfg”

#
# OpenSSL configuration file used ...
# This is mostly being used for generation of certificate requests.
#

openssl_dir = C:\\Webserver\\\OpenSSL   # Where Openssl runs
RANDFILE    = $openssl_dir\\.rnd

####################################################################
[ ca ]
default_ca   = CA_default     # The default ca section

####################################################################
[ CA_default ]

dir = $openssl_dir\\PEM # Where everything is kept
certs   = $dir\\ssl.cert    # Where the issued certs are kept
###crl_dir  = $dir\\ssl.crl # Where the issued crl are kept
database    = $dir\\index.txt   # database index file.
new_certs_dir   = $dir\\ssl.cert-new    # default place for new certs.

certificate = C:\\Webserver\\Apache2\\conf\\ssl.cert\\myown.cert.pem    # The CA certificate
serial  = $dir\\serial  # The current serial number
###crl  = crl_dir\\crl.pem  # The current CRL
private_key = D:\\ssl.key\\myown.private-key.pem    # The private key
###RANDFILE = $dir\\private.rnd # private random number file


x509_extensions = x509v3_extensions # The extentions to add to the cert
default_days    = 365   # how long to certify for
default_crl_days    = 30    # how long before next CRL
default_md  = sha256    # which md to use.
preserve    = no    # keep passed DN ordering

# A few difference way of specifying how similar the request should look
# For type CA, the listed attributes must be the same, and the optional
# and supplied fields are just that :-)
policy  = policy_match

# For the CA policy
[ policy_match ]
countryName = match
stateOrProvinceName = match
organizationName    = match
organizationalUnitName  = optional
commonName  = supplied
emailAddress    = optional

# For the ’anything’ policy
# At this point in time, you must list all acceptable ’object’
# types.
[ policy_anything ]
countryName     = optional
stateOrProvinceName = optional
localityName    = optional
organizationName    = optional
organizationalUnitName  = optional
commonName  = supplied
emailAddress    = optional

####################################################################
[ req ]
default_bits    = 4096
encrypt_key = no
default_md  = sha256    # which md to use.
distinguished_name  = req_distinguished_name
attributes  = req_attributes

[ req_distinguished_name ]
countryName =   Country Name (2 letter code)
countryName_min =   2
countryName_max =   2
countryName_default =   AT
stateOrProvinceName =   State or Province Name (full name)
stateOrProvinceName_default =   Wien
localityName    =   Locality Name (eg, city)
localityName_default    =   Wien
organizationName    =   Organization Name (eg, company)
organizationName_default    =   MyOwn
organizationalUnitName  =   Organizational Unit Name (eg, section)
organizationalUnitName_default  =   Webservices
commonName  =   Common Name (eg, your website domain name)
commonName_max  =   64
commonName_default  =   www.yourdomain.com
emailAddress    =   Email Address
emailAddress_max    =   40
emailAddress_default    =   webmaster@mycompany.com

[ req_attributes ]
challengePassword     = A challenge password
challengePassword_min    = 4
challengePassword_max    = 20

[ x509v3_extensions ]

openssl_pkey_new和“错误：0E064002：配置文件例程：CONF_load”

0 个答案: