Gustafson, Tim wrote: > I am trying to use the OpenSSL module for PHP on a FreeBSD 4.10 server. > I have CVS'd everything, so I have the most current version of the > FreeBSD port. > > I have attached the PHP file that I'm running. Here's the error message > I get: > > openssl_csr_sign(): cannot get cert from parameter 2 > > The file that is being referenced is a valid certificate, encoded in > base-64 format and the path is correct, and OpenSSL is able to sign > using this certificate and the corresponding key if I run it directly > from the command line. I have also attached the certificate. What am I > missing? You are missing error checking on the openssl_pkey_new() and openssl_csr_new() function calls. You don't even know for sure that you have a valid PKEY nor that you have a valid CSR resource. And, of course, you should have some error-checking on the return value from openssl_csr_sign() to see if it worked. Odds are really good that if you add all that error-checking, and the code needed to find out what error occurred -- http://php.net/openssl_error_string -- you'll find out that the OpenSSL software and PHP have conpsired to tell you *exactly* what is going wrong. :-) My first Wild Guess would be that your PHP user doesn't have permission to read your .crt and .key files, or that you don't have a PHP-readable valid openssl.cnf file. If all else fails, despite the examples in the manual, you may want to try to get rid of the 'file://' parts of your file names. But maybe you need those for some arcane OpenSSL reason beyond my ken. [shrug] -- Like Music? http://l-i-e.com/artists.htm -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
