I've a x509 certificate from my CA self-signed:
$res_ca_cert=openssl_csr_sign($res_ca_csr,NULL,$res_ca_key,365);
Then, I've an user certificate signed by the CA:
$res_usr_cert=openssl_csr_sign($txt_usr_csr,$txt_ca_cert,$res_ca_key,1);
Exists in the PHP API any function to check if the user certificate is
really signed by the CA ? Like this operation :
$res_ca_public = openssl_get_publickey($txt_ca_cert);
$txt_usr_sign = fakessl_x509_getsignature($txt_usr_cert);
openssl_public_decrypt($txt_usr_sign,$txt_usr_public,$res_ca_public);
Check that $txt_usr_public == fakessl_gettxt_publickey($txt_usr_cert)
I've found openssl_pkcs7_verify, but this doesn't work for me because I
can access to the file system.
Another solutions is to parse the human-readable x509 certificates in
order to get the public keys and certificates and verify it by hand.
Any idea ?
Thanks for all !
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
