• 首页
  • vue
  • TypeScript
  • JavaScript
  • scss
  • css3
  • html5
  • php
  • MySQL
  • redis
  • jQuery
    •
    位置: php 中文手册 -> php 外部扩展库 -> openssl库(通信加密)

    openssl_csr_get_subject()

    (PHP 5 >= 5.2.0, PHP 7)

    返回CSR的主题

    说明

    openssl_csr_get_subject(mixed $csr[,bool $use_shortnames= true]): array

    openssl_csr_get_subject()返回$csr中专有名称信息的主题,其中包含了通用名称(CN),机构名称(O),国家名(C)等字段。

    参数

    $csr

    See CSR parameters for a list of valid values.

    $use_shortnames

    $shortnames控制着数据如何在数组中被索引- 如果$shortnamesTRUE(默认)将使用简称形式对字段进行索引,否则将使用全称形式- 比如: CN 就是 commonName 的简称形式。

    返回值

    成功时返回TRUE,或者在失败时返回FALSE

    范例

    openssl_csr_get_subject()范例

    <?php
$subject = array(
    "countryName" => "CA",
    "stateOrProvinceName" => "Alberta",
    "localityName" => "Calgary",
    "organizationName" => "XYZ Widgets Inc",
    "organizationalUnitName" => "PHP Documentation Team",
    "commonName" => "Wez Furlong",
    "emailAddress" => "wez@example.com",
);
$private_key = openssl_pkey_new(array(
    "private_key_bits" => 2048,
    "private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$configargs = array(
    'digest_alg' => 'sha512WithRSAEncryption'
);
$csr = openssl_csr_new($subject, $privkey, $configargs);
print_r(openssl_csr_get_subject($csr));
?>

    以上例程的输出类似于:

    Array
(
    [C] => CA
    [ST] => Alberta
    [L] => Calgary
    [O] => XYZ Widgets Inc
    [OU] => PHP Documentation Team
    [CN] => Wez Furlong
    [emailAddress] => wez@example.com
)

    参见

    openssl_csr_get_subject('somedomain.com',false);
return
array(7) {
 ["countryName"]=> string "XX"
 ["stateOrProvinceName"]=> string "xxxxxxxxx"
 ["localityName"]=> string "xxxxxxxx"
 ["organizationName"]=> string "xxxxxxxxx"
 ["organizationalUnitName"]=>string "xxxx"
 ["commonName"]=>string "xxx"
 ["emailAddress"]=>string "xxx"
}
 openssl_csr_get_subject('somedomain.com',true);
return
array(7) {
 ["C"]=> string "XX"
 ["ST"]=> string "xxxxxxxxx"
 ["L"]=> string "xxxxxxxx"
 ["O"]=> string "xxxxxxxxx"
 ["OU"]=>string "xxxx"
 ["CN"]=>string "xxx"
 ["emailAddress"]=>string "xxx"
}
    This function may not return name fields in the order they appear in the certificate. For example, this CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIHsMIGUAgEAMDIxEDAOBgNVBAsMB3VuaXQgIzExDDAKBgNVBAoMA29yZzEQMA4G
A1UECwwHdW5pdCAjMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGvZnFxGuVzJ
hOKPs5RNxZBS4vY6ERaqm5tKMGOhxLSfv/dpjDtNNdSHkIGNjYxclHYhxG0ku7BY
PA5uPIjng1SgADAKBggqhkjOPQQDAgNHADBEAiB4GXhhbEU1UFTCe0dwJnKHTQuI
xzYL5FnyhmKdixN/0gIgBXSm9S8L/oJ6rBxemin/V/xKv5jy4TEZuz84nnshxQQ=
-----END CERTIFICATE REQUEST-----
When processed by 'openssl -noout -subject' gives this:
subject=/OU=unit #1/O=org/OU=unit #2
On the other hand, 'var_dump( openssl_csr_get_subject( "..." ) )' will produce this:
csr = array(2) {
 ["OU"]=>
 array(2) {
  [0]=>
  string(7) "unit #1"
  [1]=>
  string(7) "unit #2"
 }
 ["O"]=>
 string(3) "org"
}
As you can see, ordering information (which may be important for some applications) is lost.
    this function does not yet return SANs (subject alternative names) fields for UC certificates like those used in exchange 2007.
    The returning assoziative array is indexed with the fields
in the subject so you should have a array key named CN,OU and so on.

    上篇:openssl_csr_get_public_key()

    下篇:openssl_csr_new()