openssl_csr_get_subject
(PHP 5 >= 5.2.0)
openssl_csr_get_subject — Returns the subject of a CERT
Description
Warning
This function is currently not documented; only its argument list is available.
- PHP Руководство
- Функции по категориям
- Индекс функций
- Справочник функций
- Криптографические расширения
- OpenSSL
- openssl_cipher_iv_length
- openssl_csr_export_to_file
- openssl_csr_export
- openssl_csr_get_public_key
- openssl_csr_get_subject
- openssl_csr_new
- openssl_csr_sign
- openssl_decrypt
- openssl_dh_compute_key
- openssl_digest
- openssl_encrypt
- openssl_error_string
- openssl_free_key
- openssl_get_cert_locations
- openssl_get_cipher_methods
- openssl_get_md_methods
- openssl_get_privatekey
- openssl_get_publickey
- openssl_open
- openssl_pbkdf2
- openssl_pkcs12_export_to_file
- openssl_pkcs12_export
- openssl_pkcs12_read
- openssl_pkcs7_decrypt
- openssl_pkcs7_encrypt
- openssl_pkcs7_sign
- openssl_pkcs7_verify
- openssl_pkey_export_to_file
- openssl_pkey_export
- openssl_pkey_free
- openssl_pkey_get_details
- openssl_pkey_get_private
- openssl_pkey_get_public
- openssl_pkey_new
- openssl_private_decrypt
- openssl_private_encrypt
- openssl_public_decrypt
- openssl_public_encrypt
- openssl_random_pseudo_bytes
- openssl_seal
- openssl_sign
- openssl_spki_export_challenge
- openssl_spki_export
- openssl_spki_new
- openssl_spki_verify
- openssl_verify
- openssl_x509_check_private_key
- openssl_x509_checkpurpose
- openssl_x509_export_to_file
- openssl_x509_export
- openssl_x509_fingerprint
- openssl_x509_free
- openssl_x509_parse
- openssl_x509_read
Коментарии
The returning assoziative array is indexed with the fields
in the subject so you should have a array key named CN,OU and so on.
this function does not yet return SANs (subject alternative names) fields for UC certificates like those used in exchange 2007.
openssl_csr_get_subject('somedomain.com',false);
return
array(7) {
["countryName"]=> string "XX"
["stateOrProvinceName"]=> string "xxxxxxxxx"
["localityName"]=> string "xxxxxxxx"
["organizationName"]=> string "xxxxxxxxx"
["organizationalUnitName"]=>string "xxxx"
["commonName"]=>string "xxx"
["emailAddress"]=>string "xxx"
}
openssl_csr_get_subject('somedomain.com',true);
return
array(7) {
["C"]=> string "XX"
["ST"]=> string "xxxxxxxxx"
["L"]=> string "xxxxxxxx"
["O"]=> string "xxxxxxxxx"
["OU"]=>string "xxxx"
["CN"]=>string "xxx"
["emailAddress"]=>string "xxx"
}
This function may not return name fields in the order they appear in the certificate. For example, this CSR:
-----BEGIN CERTIFICATE REQUEST-----
MIHsMIGUAgEAMDIxEDAOBgNVBAsMB3VuaXQgIzExDDAKBgNVBAoMA29yZzEQMA4G
A1UECwwHdW5pdCAjMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGvZnFxGuVzJ
hOKPs5RNxZBS4vY6ERaqm5tKMGOhxLSfv/dpjDtNNdSHkIGNjYxclHYhxG0ku7BY
PA5uPIjng1SgADAKBggqhkjOPQQDAgNHADBEAiB4GXhhbEU1UFTCe0dwJnKHTQuI
xzYL5FnyhmKdixN/0gIgBXSm9S8L/oJ6rBxemin/V/xKv5jy4TEZuz84nnshxQQ=
-----END CERTIFICATE REQUEST-----
When processed by 'openssl -noout -subject' gives this:
subject=/OU=unit #1/O=org/OU=unit #2
On the other hand, 'var_dump( openssl_csr_get_subject( "..." ) )' will produce this:
csr = array(2) {
["OU"]=>
array(2) {
[0]=>
string(7) "unit #1"
[1]=>
string(7) "unit #2"
}
["O"]=>
string(3) "org"
}
As you can see, ordering information (which may be important for some applications) is lost.