openssl_csr_get_subject
(PHP 5 >= 5.2.0, PHP 7, PHP 8)
openssl_csr_get_subject — CSR の subject を返す
説明
openssl_csr_get_subject(OpenSSLCertificateSigningRequest|string
$csr
, bool $short_names
= true
): array|false
openssl_csr_get_subject() 関数は、
csr
にエンコードされた subject の識別名の情報を返します。
commonName (CN), organizationName (O), countryName (C) などが含まれます。
パラメータ
戻り値
subject の説明を記した連想配列を返します。失敗した場合に false
を返します
変更履歴
バージョン | 説明 |
---|---|
8.0.0 |
csr は、
OpenSSLCertificateSigningRequest クラスのインスタンスを受け入れるようになりました。
これより前のバージョンでは、
OpenSSL X.509 CSR 型のリソースを受け入れていました。
|
例
例1 openssl_csr_get_subject() の例
<?php
$subject = array(
"countryName" => "CA",
"stateOrProvinceName" => "Alberta",
"localityName" => "Calgary",
"organizationName" => "XYZ Widgets Inc",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "wez@example.com",
);
$private_key = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$configargs = array(
'digest_alg' => 'sha512WithRSAEncryption'
);
$csr = openssl_csr_new($subject, $privkey, $configargs);
print_r(openssl_csr_get_subject($csr));
?>
上の例の出力は、 たとえば以下のようになります。
Array ( [C] => CA [ST] => Alberta [L] => Calgary [O] => XYZ Widgets Inc [OU] => PHP Documentation Team [CN] => Wez Furlong [emailAddress] => wez@example.com )
参考
- openssl_csr_new() - CSR を作成する
- openssl_csr_get_public_key() - CSR の公開鍵を返す
- openssl_x509_parse() - X509 証明書をパースし、配列として情報を返す
+add a note
User Contributed Notes 4 notes
pdm at wp dot pl ¶
9 years ago
openssl_csr_get_subject('somedomain.com',false);
return
array(7) {
["countryName"]=> string "XX"
["stateOrProvinceName"]=> string "xxxxxxxxx"
["localityName"]=> string "xxxxxxxx"
["organizationName"]=> string "xxxxxxxxx"
["organizationalUnitName"]=>string "xxxx"
["commonName"]=>string "xxx"
["emailAddress"]=>string "xxx"
}
openssl_csr_get_subject('somedomain.com',true);
return
array(7) {
["C"]=> string "XX"
["ST"]=> string "xxxxxxxxx"
["L"]=> string "xxxxxxxx"
["O"]=> string "xxxxxxxxx"
["OU"]=>string "xxxx"
["CN"]=>string "xxx"
["emailAddress"]=>string "xxx"
}
mikko koivu ¶
14 years ago
this function does not yet return SANs (subject alternative names) fields for UC certificates like those used in exchange 2007.
Steve ¶
8 years ago
This function may not return name fields in the order they appear in the certificate. For example, this CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIHsMIGUAgEAMDIxEDAOBgNVBAsMB3VuaXQgIzExDDAKBgNVBAoMA29yZzEQMA4G
A1UECwwHdW5pdCAjMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGvZnFxGuVzJ
hOKPs5RNxZBS4vY6ERaqm5tKMGOhxLSfv/dpjDtNNdSHkIGNjYxclHYhxG0ku7BY
PA5uPIjng1SgADAKBggqhkjOPQQDAgNHADBEAiB4GXhhbEU1UFTCe0dwJnKHTQuI
xzYL5FnyhmKdixN/0gIgBXSm9S8L/oJ6rBxemin/V/xKv5jy4TEZuz84nnshxQQ=
-----END CERTIFICATE REQUEST-----
When processed by 'openssl -noout -subject' gives this:
subject=/OU=unit #1/O=org/OU=unit #2
On the other hand, 'var_dump( openssl_csr_get_subject( "..." ) )' will produce this:
csr = array(2) {
["OU"]=>
array(2) {
[0]=>
string(7) "unit #1"
[1]=>
string(7) "unit #2"
}
["O"]=>
string(3) "org"
}
As you can see, ordering information (which may be important for some applications) is lost.
stephan[at]strato-rz[dot]de ¶
15 years ago
The returning assoziative array is indexed with the fields
in the subject so you should have a array key named CN,OU and so on.