The opensl_pkcs12_export() function is a built-in function in PHP which is used to store in a string called x509 in a PKCS # 12 file format. Certificate store file corresponding to PKCS # 12 variable.
Syntax:
bool openssl_pkcs12_export( mixed $x509, string &$out,
mixed $priv_key, string $pass [, array $args] )
Parameters: This function accepts five parameters as mentioned above and described below:
- $x509: This parameter is a standard defining the format of public key certificate.
- $out: This is the variable passed by reference which holds PKCS#12 on successful execution of the above function.
- $priv_key: This parameter is used for the private key that matches the dessert “priv_key”. The private key is a component of the PKCS # 12 file.
- $pass: This parameter is used for encryption password for unlocking the PKCS#12 file.
- $args: The “$args” stands for arguments and variables are values representing something else.
Return Values: This function returns TRUE on success or FALSE on failure.
Below program illustrates the openssl_pkcs12_export() function in PHP:
Program:
PHP
<?php $dn = array( "countryName" => 'xx', "stateOrProvinceName" => 'uttar prradesh', "localityName" => 'varanasi', "organizationName" => 'neveropen', "organizationalUnitName" => 'neveropen team', "commonName" => 'people', "emailAddress" => 'user@neveropen.com'); $privateKeyPass = 'dummyPassword'; $numberOfDays = 108; $privateKey = openssl_pkey_new(); $csr = openssl_csr_new($dn, $privateKey); // Create a csr file, change null // to a filename to save $sscert = openssl_csr_sign($csr, null, $privateKey, $numberOfDays); // On success $publicKey will // hold the PEM content openssl_x509_export($sscert, $publicKey); // Export the privateKey as a PEM content openssl_pkey_export($privateKey, $privateKey, $privateKeyPass); // Parses the $privateKey and used // by openssl_pkcs12_export_to_file. $key = openssl_pkey_get_private( $privateKey, $privateKeyPass); $certificateOutput = null; // Save the pfx file to $certificateOutput openssl_pkcs12_export($sscert, $certificateOutput, $key, $privateKeyPass); // openssl_pkcs12_read to read the pkcs12 // certificate and store into array openssl_pkcs12_read ( $certificateOutput, $readableOutput, $privateKeyPass ); var_dump(($readableOutput)); ?> |
Output:
array(2) {
["cert"]=>
string(1444) "-----BEGIN CERTIFICATE-----
MIID/DCCAuSgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBljELMAkGA1UEBhMCeHgx
FzAVBgNVBAgMDnV0dGFyIHBycmFkZXNoMREwDwYDVQQHDAh2YXJhbmFzaTEWMBQG
A1UECgwNZ2Vla3Nmb3JnZWVrczETMBEGA1UECwwKZ2Vla3MgdGVhbTEPMA0GA1UE
AwwGcGVvcGxlMR0wGwYJKoZIhvcNAQkBFg51c2VyQGdlZWtzLmNvbTAeFw0yMDA4
MzExODI2MjRaFw0yMDEyMTcxODI2MjRaMIGWMQswCQYDVQQGEwJ4eDEXMBUGA1UE
CAwOdXR0YXIgcHJyYWRlc2gxETAPBgNVBAcMCHZhcmFuYXNpMRYwFAYDVQQKDA1n
ZWVrc2ZvcmdlZWtzMRMwEQYDVQQLDApnZWVrcyB0ZWFtMQ8wDQYDVQQDDAZwZW9w
bGUxHTAbBgkqhkiG9w0BCQEWDnVzZXJAZ2Vla3MuY29tMIIBIjANBgkqhkiG9w0B
AQEFAAOCAQ8AMIIBCgKCAQEA6LqzqnM6jmxF3vK7tBQo10rnJnLaox5U2MCds2WF
tnQY3NTdcFA/nLWkis+yacymBEXVFyBk9wWk91gTMnDG5vRgE/k47x2YjRinbnuC
zlFtozXYNaZE44oT3r1pTrJ7EvK2QyAV8iKtvSwzWm4AJz+/Fbs69FKpPzbGbRX8
aYalfD/D2m/OBFQRyYJNKKCJT/BTleXrk9gfEtGo9OWz5cMiqgRZMdoZ9ZqmwAUf
mShOWs63KyA37ncpS3LdMy2bz5sypBdrNVRGcoGIX7QqHGQVYd2YcDpJVdOk/or2
xTfTLhUtVKNrT9C11i95FK4C+qUma5f/BmTFfjJYwvC2mwIDAQABo1MwUTAdBgNV
HQ4EFgQU2czXSXWN7NfuYuTmhoQ4mwLuIf0wHwYDVR0jBBgwFoAU2czXSXWN7Nfu
YuTmhoQ4mwLuIf0wDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEA
M7U6Rvx8SopjVdYyZVgYooWnV3mEO8XUb3qatLAkCQr8DLEVuKih71atG1dCFQQX
UorI7SlcneXzBoYzGLy1Y/CVcwX9H5AAdmXtoRLURvf2QpPXll5u81a4TE8xrlpI
CpqvWhKbRgk/ED5BwhLus531p4hGpijkH/qRvxg7VG1MBpo8liRxj73Am1ksc3yU
3HNkNjB6+YutR2YOc3x0JYUNVakwtQJkGqQOrGgKTsgEfnidvGeRLT03/3FleKef
V6T9UXROb9qXvNRR1B1/NH70WNxYNDoawebW4qs4ujd0DqR/tKPUDxaI2aT7fAJq
ZEgo7iC17x6qTzy1RmnBDQ==
-----END CERTIFICATE-----
"
["pkey"]=>
string(1704) "-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDourOqczqObEXe
8ru0FCjXSucmctqjHlTYwJ2zZYW2dBjc1N1wUD+ctaSKz7JpzKYERdUXIGT3BaT3
WBMycMbm9GAT+TjvHZiNGKdue4LOUW2jNdg1pkTjihPevWlOsnsS8rZDIBXyIq29
LDNabgAnP78Vuzr0Uqk/NsZtFfxphqV8P8Pab84EVBHJgk0ooIlP8FOV5euT2B8S
0aj05bPlwyKqBFkx2hn1mqbABR+ZKE5azrcrIDfudylLct0zLZvPmzKkF2s1VEZy
gYhftCocZBVh3ZhwOklV06T+ivbFN9MuFS1Uo2tP0LXWL3kUrgL6pSZrl/8GZMV+
MljC8LabAgMBAAECggEAUKOAZWsPuxGhFCMfDsJ9dDur5BKf1y1HUONMwUBIGHQZ
uUq4f5YOtInrvX1B4I7cZ1abAyxiT4VRJ7MI081n3daHA+Sy6YdjuF/2g72gEUT9
rDOX+t7lt8G8KM2Qk4gcRPB8Xr3bXM7PTGDoWkkLHI5l822we7+4jQK5tkqL7zPj
J8mLpntkERWdZcX2MsH0F0gdFz1QxRuQEKqoE2Jo+ZjW+aUR1MGPp0lLAiZSl3sD
/wQa7UqU01IZHy+KIMEGHWkoJqdufMw+WxqVLap5RuWvV6hufdcocIlsnhWt83Iq
G35GavGJWG3kWVzXftZN6x9X+5rr65yO8rxxqGwwIQKBgQD6FRGHkEmKV99/mmh6
w7UY6JUjvrIdSq6bD8qf+LcNdMLf9Ucl9+XrYPaHlOMrtoxG2eqh0SfViW/hvCwO
kf5izmemfkPTVqCZGVmxEU/A2TEV/LZEGi2t7s333oK8eIMqgTf8ZO5VP0Dz1X4y
F6hLVyNkO9NW+Fd/4i+7cL6X9wKBgQDuPIN4T00Pz1be/IMpjaNYq5Tbs7stuRUT
I2toENo6zSc3LdEMJ3jYNzH2XU65D92xQqjl2fnNso681dd0ZIrSY0ofP086kT6I
JyKydh/KJ5Fx39AAtK73N74NuPdFmwh4uKyl8TIson6/nwFDylDtDy18zGSQ5JrW
xpYF7hDVfQKBgQCwjM0qUk/Irg6n7B9Ug/PG2PPpH0hpa37nE3fuBc1dX4/wQh3v
jRoxWOvSfeb+xkoz/sYpZRplIzjsOUc1JhZcNPFx1fQWMDMCwqXSXrFaKTsBFb6r
R3v2LgAUvG65la6sBDu9IJgtcJFvUspbnN4ACk1/BslFvd8v9kPSZV74swKBgB5e
NFwHr8kOIwK1qXqIhYPuC0GePYPsjdUstKpFS6wnLpKIEpe8CFl3X7UJ29kXPqkz
2BfEm2UvF6bWk2pQzqlW4sHs7gqHLTNp2bBqAk9gj9e2MeuFHLCCuIVDSLHku0W4
NLnKbxzlcca3XA/qIDq3rpKz8zXNDjfGhKUo3Zh5AoGBAIUC/NP0AwYX3jlLy7I1
eyu9FfLC7ZOLYW0FD7qm5B9CtGgLCKjOaRbaUl2M3Zm2YQ5f+hVrJxViA7SRf383
QkTVFmtvz5zkBjCPNOV4TedrPAgcDy0qgCjiGWzWi86fBBXV6UjgYX65txm7I+kz
fZ4o9fUosret4HH3hX8xkM35
-----END PRIVATE KEY-----
"
}
Reference: https://www.php.net/manual/en/function.openssl-pkcs12-export.php
