|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(PHP ActiveX) Duplicate CSR Created by OpenSSL with Config.cnfSee more CSR ExamplesDemonstrates how to duplicate a CSR created by the following commands: # Generate Private Key openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem #Generate CSR openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr
<?php // This example assumes the Chilkat API to have been previously unlocked. // See Global Unlock Sample for sample code. // This example duplicates the CSR created by OpenSSL with the following config file: // oid_section = OIDs // [ OIDs ] // certificateTemplateName= 1.3.6.1.4.1.311.20.2 // // [ req ] // default_bits = 2048 // emailAddress = it@example.sa // req_extensions = v3_req // x509_extensions = v3_ca // prompt = no // default_md = sha256 // req_extensions = req_ext // distinguished_name = dn // // [ v3_req ] // basicConstraints = CA:FALSE // keyUsage = digitalSignature, nonRepudiation, keyEncipherment // // [req_ext] // certificateTemplateName = ASN1:PRINTABLESTRING:ZATCA-Code-Signing // subjectAltName = dirName:alt_names // // [ dn ] // CN =EXAMPLE-CORP # Common Name // C=SA # Country Code e.g SA // OU=HEAD-OFFICE # Organization Unit Name // O=ASC # Organization Name // // [alt_names] // SN=1-ASC|2-V01|3-1234567890 # EGS Serial Number 1-ABC|2-PQR|3-XYZ // UID=312345678900003 # Organization Identifier (VAT Number) // title=1100 # Invoice Type // registeredAddress=Dammam # Address // businessCategory=IT # Business Category // The OpenSSL commands we are duplicating: // openssl ecparam -name secp256k1 -genkey -noout -out PrivateKey.pem // openssl req -new -sha256 -key PrivateKey.pem -extensions v3_req -config Config.cnf -out CSR.csr // The 1st step is to actually use OpenSSL to generate a sample CSR.csr that we wish to duplicate. // With the sample CSR.csr, we get the ExtensionRequest as XML. // For example: // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.StringBuilder') $sbCsr = new COM("Chilkat.StringBuilder"); $success = $sbCsr->LoadFile('qa_data/csr/openssl_cnf/CSR.csr','utf-8'); if ($success == 0) { print 'Failed to load CSR.csr' . "\n"; exit; } // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Csr') $csr0 = new COM("Chilkat.Csr"); $success = $csr0->LoadCsrPem($sbCsr->getAsString()); if ($success == 0) { print $csr0->LastErrorText . "\n"; exit; } // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xml0 = new COM("Chilkat.Xml"); $success = $csr0->GetExtensionRequest($xml0); if ($success == 0) { print $csr0->LastErrorText . "\n"; exit; } // Let's examine the extension request.. print $xml0->getXml() . "\n"; // <?xml version="1.0" encoding="utf-8"?> // <set> // <sequence> // <sequence> // <oid>1.3.6.1.4.1.311.20.2</oid> // <asnOctets> // <printable>ZATCA-Code-Signing</printable> // </asnOctets> // </sequence> // <sequence> // <oid>2.5.29.17</oid> // <asnOctets> // <sequence> // <contextSpecific tag="4" constructed="1"> // <sequence> // <set> // <sequence> // <oid>2.5.4.4</oid> // <utf8>1-ASC|2-V01|3-1234567890</utf8> // </sequence> // </set> // <set> // <sequence> // <oid>0.9.2342.19200300.100.1.1</oid> // <utf8>312345678900003</utf8> // </sequence> // </set> // <set> // <sequence> // <oid>2.5.4.12</oid> // <utf8>1100</utf8> // </sequence> // </set> // <set> // <sequence> // <oid>2.5.4.26</oid> // <utf8>Dammam</utf8> // </sequence> // </set> // <set> // <sequence> // <oid>2.5.4.15</oid> // <utf8>IT</utf8> // </sequence> // </set> // </sequence> // </contextSpecific> // </sequence> // </asnOctets> // </sequence> // </sequence> // </set> // If you wish to generate the above XML without going through the above steps, copy the XML into // the online tool at https://tools.chilkat.io/xmlCreate // Here is the generated code for the above XML: // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Xml') $xml = new COM("Chilkat.Xml"); $xml->Tag = 'set'; $xml->UpdateChildContent('sequence|sequence|oid','1.3.6.1.4.1.311.20.2'); $xml->UpdateChildContent('sequence|sequence|asnOctets|printable','ZATCA-Code-Signing'); $xml->UpdateChildContent('sequence|sequence[1]|oid','2.5.29.17'); $xml->UpdateAttrAt('sequence|sequence[1]|asnOctets|sequence|contextSpecific',1,'tag','4'); $xml->UpdateAttrAt('sequence|sequence[1]|asnOctets|sequence|contextSpecific',1,'constructed','1'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|oid','2.5.4.4'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set|sequence|utf8','1-ASC|2-V01|3-1234567890'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|oid','0.9.2342.19200300.100.1.1'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[1]|sequence|utf8','312345678900003'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|oid','2.5.4.12'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[2]|sequence|utf8','1100'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|oid','2.5.4.26'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[3]|sequence|utf8','Dammam'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|oid','2.5.4.15'); $xml->UpdateChildContent('sequence|sequence[1]|asnOctets|sequence|contextSpecific|sequence|set[4]|sequence|utf8','IT'); // We'll need a new secp256k1 private key, so let's generate it. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Ecc') $ecdsa = new COM("Chilkat.Ecc"); // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Prng') $prng = new COM("Chilkat.Prng"); // privKey is a Chilkat.PrivateKey $privKey = $ecdsa->GenEccKey('secp256k1',$prng); if ($ecdsa->LastMethodSuccess == 0) { print $ecdsa->LastErrorText . "\n"; exit; } print 'Generated secp256k1 private key.' . "\n"; // Use a new CSR object to generate a CSR with the private key and extension request. // For versions of Chilkat < 10.0.0, use new COM('Chilkat_9_5_0.Chilkat.Csr') $csr = new COM("Chilkat.Csr"); // Add the [dn] fields // [ dn ] // CN =EXAMPLE-CORP # Common Name // C=SA # Country Code e.g SA // OU=HEAD-OFFICE # Organization Unit Name // O=ASC # Organization Name $csr->CommonName = 'EXAMPLE-CORP'; $csr->Country = 'SA'; $csr->CompanyDivision = 'HEAD-OFFICE'; $csr->Company = 'ASC'; // Add the extension request to the CSR $csr->SetExtensionRequest($xml); // Generate the CSR with the extension request $csrPem = $csr->genCsrPem($privKey); if ($csr->LastMethodSuccess == 0) { print $csr->LastErrorText . "\n"; exit; } print $csrPem . "\n"; // Sample output: // -----BEGIN CERTIFICATE REQUEST----- // MIIBuDCCAV8CAQAwSDEVMBMGA1UEAwwMRVhBTVBMRS1DT1JQMQswCQYDVQQGEwJT // QTEUMBIGA1UECwwLSEVBRC1PRkZJQ0UxDDAKBgNVBAoMA0FTQzBWMBAGByqGSM49 // AgEGBSuBBAAKA0IABFI5rusr76HiJcMMr1r4L0B0BOAs6azLkt/RwHoT6A0xFRRt // tulWT40tNhx3qJ4I5ePNgMceOEtuK1kMGVTovI6ggbcwgbQGCSqGSIb3DQEJDjGB // pjCBozAhBgkrBgEEAYI3FAIEFBMSWkFUQ0EtQ29kZS1TaWduaW5nMH4GA1UdEQR3 // MHWkczBxMSEwHwYDVQQEDBgxLUFTQ3wyLVYwMXwzLTEyMzQ1Njc4OTAxHzAdBgoJ // kiaJk/IsZAEBDA8zMTIzNDU2Nzg5MDAwMDMxDTALBgNVBAwMBDExMDAxDzANBgNV // BBoMBkRhbW1hbTELMAkGA1UEDwwCSVQwCgYIKoZIzj0EAwIDRwAwRAIgJnbgpSGb // diB+0M1VTqc1GU9sFsfnOvVN/8WhWRRxQIwCIF5eH9vgMgXyoU284X8Bx3dqOJ4q // xashGWci87POxSvT // -----END CERTIFICATE REQUEST----- ?> |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.