Hello - I'm seeing odd behavior with some openssl function in php. Versions: php 4.3.2 ./configure' '--with-mysql' '--with-apxs=/usr/local/apache/bin/apxs' '--with-openssl' OpenSSL 0.9.7a
I've seen almost this exact question posted on the openssl mailing list but no one answered and a very similar question posted here in March without an answer. Hopefully someone can answer them now. I get a number of errors for nearly every function call in the script that follows. I've verified that the openssl.cnf file I want to use is being used (by putting garbage in it and watching the script fail badly). I'm using the openssl.cnf file exactly as it came with OpenSSL 0.9.7a. Then openssl_csr_sign simply fails to generate the signed user certificate at all. My questions are: Why so many errors? Can they be ignored for the functions that seem to succeed anyway? Why is openssl_csr_sign failing, but not creating any usefull error messages about the failure? Here is the script, and then the output it creates: === Start Script =========== <? print "\nCalling openssl_pkey_new..\n"; $privkey = openssl_pkey_new(); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_pkey_new: " . $e . "\n"; print "\nCalling openssl_pkey_export..\n"; openssl_pkey_export( $privkey, $pkeyout, "" ) and debug_zval_dump( $pkeyout ); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_pkey_export: " . $e . "\n"; $dn = array( "countryName" => "US", "stateOrProvinceName" => "California", "localityName" => "San Diego", "organizationName" => "ABC, Inc.", "organizationalUnitName" => "security", "commonName" => "security", "emailAddress" => "[EMAIL PROTECTED]" ); print "\nCalling openssl_csr_new..\n"; $csr = openssl_csr_new( $dn, $privkey ); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_csr_new: " . $e . "\n"; print "\nCalling openssl_csr_export..\n"; openssl_csr_export( $csr, $csrout ) and debug_zval_dump( $csrout ); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_csr_export: " . $e . "\n"; // XXX - This function is returning NULL print "\nCalling openssl_csr_sign..\n"; $userscert = openssl_csr_sign( $csr, null, $privkey, 365 ); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_csr_sign: " . $e . "\n"; print "\nCalling openssl_x509_export..\n"; openssl_x509_export( $usercert, $certout ); while( ( $e = openssl_error_string() ) !== false ) echo "openssl_x509_export: " . $e . "\n"; ?> === End Script ============== === Start Output from Script ======= Calling openssl_pkey_new.. openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value Calling openssl_pkey_export.. string(963) "-----BEGIN RSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,E9B45083DA913772 BtlHmNEz....... ...........v7Cb1LCA== -----END RSA PRIVATE KEY----- " refcount(2) openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_pkey_export: error:0E06D06C:configuration file routines:NCONF_get_string:no value Calling openssl_csr_new.. openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_new: error:0E06D06C:configuration file routines:NCONF_get_string:no value Calling openssl_csr_export.. string(712) "-----BEGIN CERTIFICATE REQUEST----- MIIB1jCC...... ......y7O+stINZ -----END CERTIFICATE REQUEST----- " refcount(2) Calling openssl_csr_sign.. openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value openssl_csr_sign: error:0E06D06C:configuration file routines:NCONF_get_string:no value Calling openssl_x509_export.. <br /> <b>Warning</b>: openssl_x509_export() expects parameter 1 to be resource, null given in <b>/var/www/html/snap/simp.php</b> on line <b>41</b><br /> === End Output from Script ============ Thanks in advance. -- Shaun McIntyre [EMAIL PROTECTED] -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php