Bro*_*ley 50 php apache openssl apache2 easyphp
问题: OpenSSL无法在我的Windows环境中运行.OpenSSL重复报告错误0x02001003,0x2006D080和0x0E064002.
环境:
Windows NT x 6.1 build 7601 (Windows 7 Business Edition Service Pack 1) i586
Apache/2.4.4 (Win32)
PHP/5.4.13 x86
PHP Directory: E:\wamp\php\
Virtual Host Directory: E:\Projects\1\public_html
我尝试过的:
extension=php_openssl.dllE:\wamp\php\extras\openssl.cnfE:\wamp\phpconfigargs<Directory E:\wamp\php\extras>在apache配置中指定openssl.cnf到virtualhost public_html,指向并仍然得到相同的错误码:
$privateKey = openssl_pkey_new();
while($message = openssl_error_string()){
echo $message.'<br />'.PHP_EOL;
}
结果:
error:02001003:system library:fopen:No such process
error:2006D080:BIO routines:BIO_new_file:no such file
error:0E064002:configuration file routines:CONF_load:system lib
error:02001003:system library:fopen:No such process
error:2006D080:BIO routines:BIO_new_file:no such file
error:0E064002:configuration file routines:CONF_load:system lib
OpenSSL手动:
E:\wamp\apache\bin>openssl.exe pkey
WARNING: can't open config file: c:/openssl-1.0.1e/ssl/openssl.cnf
E:\wamp\apache\bin>set OPENSSL_CONF="E:\wamp\php\extras\openssl.cnf"
E:\wamp\apache\bin>openssl.exe pkey
3484:error:0200107B:system library:fopen:Unknown error:.\crypto\bio\bss_file.c:169:fopen('"E:\wamp\php\extras\openssl.cnf"','rb')
3484:error:2006D002:BIO routines:BIO_new_file:system lib:.\crypto\bio\bss_file.c:174:
3484:error:0E078002:configuration file routines:DEF_LOAD:system lib:.\crypto\conf\conf_def.c:199:
编辑:
openssl_error_string最后的想法:
我设置了一个linux盒子,我遇到了同样的错误.经过一些游戏,我看到即使它在openssl_pkey_new中抛出错误,它最终会创建我的测试p12文件.长话短说,错误是误导性的,它必须更多地处理你如何使用openssl功能而不是服务器端配置.
最终代码:
// Create the keypair
$res=openssl_pkey_new();
// Get private key
openssl_pkey_export($res, $privkey);
// Get public key
$pubkey=openssl_pkey_get_details($res);
$pubkey=$pubkey["key"];
// Actual file
$Private_Key = null;
$Unsigned_Cert = openssl_csr_new($Info,$Private_Key,$Configs);
$Signed_Cert = openssl_csr_sign($Unsigned_Cert,null,$Private_Key,365,$Configs);
openssl_pkcs12_export_to_file($Signed_Cert,"test.p12",$Private_Key,"123456");
离得很近.
一年后...
所以,我发现自己在一年后,也不管我在电脑上或脚本执行过程中设置任何PATH变量再次这样做,不停地示数约未找到文件.我能够通过传入数组中的config参数来解决它.这是一个测试成功使用OpenSSL的能力的函数:config_argsopenssl_pkey_new
/**
* Tests the ability to 1) create pub/priv key pair 2) extract pub/priv keys 3) encrypt plaintext using keys 4) decrypt using keys
*
* @return boolean|string False if fails, string if success
*/
function testOpenSSL($opensslConfigPath = NULL)
{
if ($opensslConfigPath == NULL)
{
$opensslConfigPath = "E:/Services/Apache/httpd-2.4.9-win32-VC11/conf/openssl.cnf";
}
$config = array(
"config" => $opensslConfigPath,
"digest_alg" => "sha512",
"private_key_bits" => 4096,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
);
$res = openssl_pkey_new($config); // <-- CONFIG ARRAY
if (empty($res)) {return false;}
// Extract the private key from $res to $privKey
openssl_pkey_export($res, $privKey, NULL, $config); // <-- CONFIG ARRAY
// Extract the public key from $res to $pubKey
$pubKey = openssl_pkey_get_details($res);
if ($pubKey === FALSE){return false;}
$pubKey = $pubKey["key"];
$data = 'plaintext data goes here';
// Encrypt the data to $encrypted using the public key
$res = openssl_public_encrypt($data, $encrypted, $pubKey);
if ($res === FALSE){return false;}
// Decrypt the data using the private key and store the results in $decrypted
$res = openssl_private_decrypt($encrypted, $decrypted, $privKey);
if ($res === FALSE){return false;}
return $decrypted;
}
// Example usage:
$res = testOpenSSL();
if ($res === FALSE)
{
echo "<span style='background-color: red;'>Fail</span>";
} else {
echo "<span style='background-color: green;'>Pass: ".$res."</span>";
}
下面的代码按预期工作.但是如果你openssl_error_string()在openssl方法之后运行它会显示error:0E06D06C:configuration file routines:NCONF_get_string:no value哪些是我无法找到文档的通知.
进一步请注意,根据http://www.php.net/manual/en/function.openssl-error-string.php,您可能会看到错误消息,因为错误消息已排队:
使用此函数检查错误时要小心,因为它似乎从>错误的缓冲区中读取,这可能包括来自使用openssl>函数的另一个脚本或进程的错误.(在我调用任何> openssl_*函数之前,我很惊讶地发现它会丢失错误消息)
<?php
/* Create the private and public key */
$res = openssl_pkey_new();
openssl_error_string(); // May throw error even though its working fine!
/* Extract the private key from $res to $privKey */
openssl_pkey_export($res, $privKey);
openssl_error_string(); // May throw error even though its working fine!
/* Extract the public key from $res to $pubKey */
$pubKey = openssl_pkey_get_details($res);
$pubKey = $pubKey["key"];
$data = 'i.amniels.com is a great website!';
/* Encrypt the data using the public key
* The encrypted data is stored in $encrypted */
openssl_public_encrypt($data, $encrypted, $pubKey);
/* Decrypt the data using the private key and store the
* result in $decrypted. */
openssl_private_decrypt($encrypted, $decrypted, $privKey);
echo $decrypted;
?>
这里有几件事:
%PATH%还应该包含 windows 和 system32,因此您的 %PATH% 应该看起来像c:\windows;c:\windows\system32;E:\wamp\php并且e:\wamp\php应该是 openssl dll 文件
还可以尝试使用与标头版本匹配的 openssl 版本在此处0.9.8y 5 Feb 2013下载32 位和此处下载64 位
这段代码似乎对我有用:
// Create the keypair
$res=openssl_pkey_new();
// Get private key
openssl_pkey_export($res, $privkey);
// Get public key
$pubkey=openssl_pkey_get_details($res);
$pubkey=$pubkey["key"];
$Info = array(
"countryName" => "UK",
"stateOrProvinceName" => "Somerset",
"localityName" => "Glastonbury",
"organizationName" => "The Brain Room Limited",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "wez@example.com"
);
// Actual file
$Private_Key = null;
$Unsigned_Cert = openssl_csr_new($Info,$Private_Key);
$Signed_Cert = openssl_csr_sign($Unsigned_Cert,null,$Private_Key,365);
openssl_pkcs12_export_to_file($Signed_Cert,"test.p12",$Private_Key,"123456");
| 归档时间: |
|
| 查看次数: |
33545 次 |
| 最近记录: |