openssl_x509_check_private_key

    (PHP 4 >= 4.2.0, PHP 5, PHP 7, PHP 8)

    openssl_x509_check_private_keyChecks if a private key corresponds to a certificate

    Description

    openssl_x509_check_private_key(OpenSSLCertificate|string $certificate, #[\SensitiveParameter] OpenSSLAsymmetricKey|OpenSSLCertificate|array|string $private_key): bool

    Checks whether the given private_key is the private key that corresponds to certificate.

    Warning

    The function does not check if private_key is indeed a private key or not. It merely compares the public materials (e.g. exponent and modulus of an RSA key) and/or key parameters (e.g. EC params of an EC key) of a key pair.

    This means, for example, that a public key could be given for private_key and the function may return true.

    Parameters

    certificate

    The certificate.

    private_key

    The private key.

    Return Values

    Returns true if private_key is the private key that corresponds to certificate, or false otherwise.

    Changelog

    Version Description
    8.0.0 certificate accepts an OpenSSLCertificate instance now; previously, a resource of type OpenSSL X.509 was accepted.
    8.0.0 private_key accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type OpenSSL key or OpenSSL X.509 was accepted.

    Found A Problem?

    Learn How To Improve This PageSubmit a Pull RequestReport a Bug
    add a note

    User Contributed Notes 2 notes

    up
    7
    tomsie at toms dot ie
    7 years ago
    This function DOES return TRUE if the key has a passphrase, you just need to set up the data in such a way that the function can understand it. It is not documented here.This error message led me to the solution:PHP Warning:  openssl_x509_check_private_key(): key array must be of the form array(0 => key, 1 => phrase)So this works:$certFile = file_get_contents('cert.crt');$keyFile = file_get_contents('cert.key');$keyPassphrase = "password1234";$keyCheckData = array(0=>$keyFile,1=>$keyPassphrase);$result = openssl_x509_check_private_key($certFile,$keyCheckData);
    up
    0
    jared at enhancesoft dot com
    10 years ago
    This function will return FALSE if the private key requires a pass phrase.
    add a note
    To Top