macos 使用 PHP 和 OpenSSL 将 P12 转换为 PEM
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5422205/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Convert P12 to PEM using PHP and OpenSSL
提问by user633268
I'm trying to convert some .p12 files in to .pem.
我正在尝试将一些 .p12 文件转换为 .pem。
On my mac it works, with no interaction as i put the passwords in the code, but when i use this code:
在我的 mac 上它可以工作,没有交互,因为我将密码放入代码中,但是当我使用此代码时:
system('openssl pkcs12 -clcerts -nokeys -out apns-dev-cert.pem -in apns-dev-cert.p12 -passin pass:');
system('openssl pkcs12 -nocerts -out apns-dev-key.pem -in apns-dev-key.p12 -passout pass:1234 -passin pass:');
system('openssl rsa -in apns-dev-key.pem -out apns-dev-key-noenc.pem -passin pass:1234');
system('cat apns-dev-cert.pem apns-dev-key-noenc.pem > apns-dev.pem');
it makes blank files.
它使空白文件。
My file permissions are 755. and for the passin the passwords were set to nothing so thats why they are blank... all the code here without the system() works in the mac terminal..
我的文件权限是 755. 并且对于 passin 密码被设置为空,所以这就是为什么它们是空白的......这里没有 system() 的所有代码都在 mac 终端中工作..
thanks for reading. hope you can help
谢谢阅读。希望你能帮忙
回答by Charles
$filename = 'apns-dev-cert.p12';
$password = '...';
$results = array();
$worked = openssl_pkcs12_read(file_get_contents($filename), $results, $password));
if($worked) {
echo '<pre>', print_r($results, true), '</pre>';
} else {
echo openssl_error_string();
}
Please try running this snippet. Set $passwordto whatever passphrase is needed to open the file. If there's no password, set it to null. I don't believe one is needed from your opensslcommands.
请尝试运行此代码段。设置$password为打开文件所需的任何密码。如果没有密码,请将其设置为空。我不相信你的openssl命令需要一个。
You shouldget output with the desired private key, probably inside $results['pkey'].
您应该使用所需的私钥获得输出,可能在$results['pkey'].
If you see your private key there, then you can pass it to openssl_pkey_exportto get it in PEM format, which you can then write to a file:
如果您在那里看到您的私钥,那么您可以将其传递openssl_pkey_export给以 PEM 格式获取它,然后您可以将其写入文件:
$new_password = null;
$result = null;
$worked = openssl_pkey_export($results['pkey'], $result, $new_password);
if($worked) {
echo "<pre>It worked! Your new pkey is:\n", $result, '</pre>';
} else {
echo openssl_error_string();
}
Set $new_passwordto your desired pkey password, if you want one.
$new_password如果需要,请设置为所需的 pkey 密码。
This shouldwork for you, based on what I'm reading on the various documentation pages.
根据我在各种文档页面上阅读的内容,这应该对您有用。
If you reallywant to continue using the opensslcommand by shelling out, please consider using proc_openinstead of system, so that you can properly catch error messages.
如果你真的想openssl通过 shell out来继续使用命令,请考虑使用proc_open代替system,这样你就可以正确地捕捉错误消息。
It's also possible that OpenSSL is trying to read the config file, and doesn't have permission to so, though it shouldgive you an error about that.
也有可能 OpenSSL 正在尝试读取配置文件,但没有权限这样做,尽管它应该会给您一个错误。
