PHP Conference Fukuoka 2025

openssl_csr_get_subject

(PHP 5 >= 5.2.0, PHP 7, PHP 8)

openssl_csr_get_subjectRetorna el sujeto de una CSR

Descripción

openssl_csr_get_subject(OpenSSLCertificateSigningRequest|string $csr, bool $short_names = true): array|false

openssl_csr_get_subject() retorna las informaciones sobre el nombre distintivo del sujeto codificado en el csr, incluyendo los campos commonName (CN), organizationName (O), countryName (C) etc.

Parámetros

csr

Ver los parámetros CSR para obtener una lista de los valores válidos.

short_names

short_names controla cómo los datos son indexados en el array - si short_names es true (por omisión) entonces los campos serán indexados con la forma corta del nombre, de lo contrario el nombre completo será utilizado - por ejemplo: CN es la forma corta de commonName.

Valores devueltos

Retorna un array asociativo con las descripciones de los sujetos, o false si ocurre un error.

Historial de cambios

Versión Descripción
8.0.0 csr ahora acepta una instancia de OpenSSLCertificateSigningRequest ; anteriormente, se aceptaba un resource de tipo OpenSSL X.509 CSR.

Ejemplos

Ejemplo #1 Ejemplo con openssl_csr_get_subject()

<?php
$subject
= array(
"countryName" => "CA",
"stateOrProvinceName" => "Alberta",
"localityName" => "Calgary",
"organizationName" => "XYZ Widgets Inc",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "wez@example.com",
);
$private_key = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$configargs = array(
'digest_alg' => 'sha512WithRSAEncryption'
);
$csr = openssl_csr_new($subject, $privkey, $configargs);
print_r(openssl_csr_get_subject($csr));
?>

Resultado del ejemplo anterior es similar a :

Array
(
    [C] => CA
    [ST] => Alberta
    [L] => Calgary
    [O] => XYZ Widgets Inc
    [OU] => PHP Documentation Team
    [CN] => Wez Furlong
    [emailAddress] => wez@example.com
)

Ver también

add a note

User Contributed Notes 4 notes

up
1
pdm at wp dot pl
10 years ago
openssl_csr_get_subject('somedomain.com',false);returnarray(7) {  ["countryName"]=> string "XX"  ["stateOrProvinceName"]=> string "xxxxxxxxx"  ["localityName"]=> string "xxxxxxxx"  ["organizationName"]=> string "xxxxxxxxx"  ["organizationalUnitName"]=>string "xxxx"  ["commonName"]=>string "xxx"  ["emailAddress"]=>string "xxx"} openssl_csr_get_subject('somedomain.com',true);returnarray(7) {  ["C"]=> string "XX"  ["ST"]=> string "xxxxxxxxx"  ["L"]=> string "xxxxxxxx"  ["O"]=> string "xxxxxxxxx"  ["OU"]=>string "xxxx"  ["CN"]=>string "xxx"  ["emailAddress"]=>string "xxx"}
up
0
Steve
9 years ago
This function may not return name fields in the order they appear in the certificate.  For example, this CSR:-----BEGIN CERTIFICATE REQUEST-----MIHsMIGUAgEAMDIxEDAOBgNVBAsMB3VuaXQgIzExDDAKBgNVBAoMA29yZzEQMA4GA1UECwwHdW5pdCAjMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGvZnFxGuVzJhOKPs5RNxZBS4vY6ERaqm5tKMGOhxLSfv/dpjDtNNdSHkIGNjYxclHYhxG0ku7BYPA5uPIjng1SgADAKBggqhkjOPQQDAgNHADBEAiB4GXhhbEU1UFTCe0dwJnKHTQuIxzYL5FnyhmKdixN/0gIgBXSm9S8L/oJ6rBxemin/V/xKv5jy4TEZuz84nnshxQQ=-----END CERTIFICATE REQUEST-----When processed by 'openssl -noout -subject' gives this:subject=/OU=unit #1/O=org/OU=unit #2On the other hand, 'var_dump( openssl_csr_get_subject( "..." ) )' will produce this:csr = array(2) {  ["OU"]=>  array(2) {    [0]=>    string(7) "unit #1"    [1]=>    string(7) "unit #2"  }  ["O"]=>  string(3) "org"}As you can see, ordering information (which may be important for some applications) is lost.
up
0
mikko koivu
15 years ago
this function does not yet return SANs (subject alternative names) fields for UC certificates like those used in exchange 2007.
up
-1
stephan[at]strato-rz[dot]de
16 years ago
The returning assoziative array is indexed with the fieldsin the subject so you should have a array key named CN,OU and so on.
To Top