从私钥生成 CSR 密钥

Question

我需要从私有 key/cert

生成 CSR 密钥

执行此操作时出现错误

openssl_csr_new(): dn: add_entry_by_NID 48 -> (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) test.php(33)

$dn = [
    'commonName'            => '123@-1552-21',// 'func_id@activationcode',
    'organizationalUnitName'=> 'test',
    'organizationName'      => 'test',
    'localityName'          => 'DK',
    'stateOrProvinceName'   => 'DK',
    'countryName'           => 'DK',
    'emailAddress'          => ''
];

$csr = [
    'private_key_bits'  => 2048,
    'private_key_type'  => OPENSSL_KEYTYPE_RSA,
    'encrypt_key'       => true
];

$private_key = openssl_pkey_get_private('./1_0010444508001.pem');

$csr = openssl_csr_new($dn, $private_key, [
    'digest_alg' => 'sha256'
]);

openssl_csr_export($csr, $csrout);
openssl_pkey_export($private_key, $pkeyout, '');

echo $csrout . "\n" . $pkeyout;

Answer 1

openssl_csr_new(): dn: add_entry_by_NID 48 -> (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) test.php(33)

问题不在于私钥，而在于dn。它抱怨将 NID 为 48 的属性添加到 CSR 时出现问题。 NID 48 is the NID for emailAddress 所以它抱怨这个字段的内容。看来不能为空。

从私钥生成 CSR 密钥

generate CSR key from private key

php

ssl

certificate

csr