openssl_csr_get_subject

(PHP 5 >= 5.2.0, PHP 7, PHP 8)

openssl_csr_get_subjectRetourne le sujet d'une CSR

Description

openssl_csr_get_subject(OpenSSLCertificateSigningRequest|string $csr, bool $short_names = true): array|false

openssl_csr_get_subject() retournes les informations sur le nom distinctif du sujet codées dans le csr, y compris les champs commonName (CN), organizationName (O), countryName (C) etc.

Liste de paramètres

csr

Voir les paramètres CSR pour obtenir une liste des valeurs valides.

short_names

short_names contrôle comment les données sont indexés dans le tableau - si short_names est true (par défaut) alors les champs seront indexés avec la forme courte du nom, sinon le nom complet sera utilisé - par exemple : CN est le nom court de commonName.

Valeurs de retour

Retourne un tableau associatif avec les description des sujets, ou false si une erreur survient.

Historique

Version Description
8.0.0 csr accepte désormais une instance de OpenSSLCertificateSigningRequest ; auparavant, une resource de type OpenSSL X.509 CSR était accepté.

Exemples

Exemple #1 Exemple avec openssl_csr_get_subject()

<?php
$subject
= array(
"countryName" => "CA",
"stateOrProvinceName" => "Alberta",
"localityName" => "Calgary",
"organizationName" => "XYZ Widgets Inc",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "wez@example.com",
);
$private_key = openssl_pkey_new(array(
"private_key_bits" => 2048,
"private_key_type" => OPENSSL_KEYTYPE_RSA,
));
$configargs = array(
'digest_alg' => 'sha512WithRSAEncryption'
);
$csr = openssl_csr_new($subject, $privkey, $configargs);
print_r(openssl_csr_get_subject($csr));
?>

Résultat de l'exemple ci-dessus est similaire à :

Array
(
    [C] => CA
    [ST] => Alberta
    [L] => Calgary
    [O] => XYZ Widgets Inc
    [OU] => PHP Documentation Team
    [CN] => Wez Furlong
    [emailAddress] => wez@example.com
)

Voir aussi

add a note

User Contributed Notes 4 notes

up
1
pdm at wp dot pl
9 years ago
openssl_csr_get_subject('somedomain.com',false);
return
array(7) {
["countryName"]=> string "XX"
["stateOrProvinceName"]=> string "xxxxxxxxx"
["localityName"]=> string "xxxxxxxx"
["organizationName"]=> string "xxxxxxxxx"
["organizationalUnitName"]=>string "xxxx"
["commonName"]=>string "xxx"
["emailAddress"]=>string "xxx"
}

openssl_csr_get_subject('somedomain.com',true);
return
array(7) {
["C"]=> string "XX"
["ST"]=> string "xxxxxxxxx"
["L"]=> string "xxxxxxxx"
["O"]=> string "xxxxxxxxx"
["OU"]=>string "xxxx"
["CN"]=>string "xxx"
["emailAddress"]=>string "xxx"
}
up
0
Steve
8 years ago
This function may not return name fields in the order they appear in the certificate. For example, this CSR:

-----BEGIN CERTIFICATE REQUEST-----
MIHsMIGUAgEAMDIxEDAOBgNVBAsMB3VuaXQgIzExDDAKBgNVBAoMA29yZzEQMA4G
A1UECwwHdW5pdCAjMjBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABGvZnFxGuVzJ
hOKPs5RNxZBS4vY6ERaqm5tKMGOhxLSfv/dpjDtNNdSHkIGNjYxclHYhxG0ku7BY
PA5uPIjng1SgADAKBggqhkjOPQQDAgNHADBEAiB4GXhhbEU1UFTCe0dwJnKHTQuI
xzYL5FnyhmKdixN/0gIgBXSm9S8L/oJ6rBxemin/V/xKv5jy4TEZuz84nnshxQQ=
-----END CERTIFICATE REQUEST-----

When processed by 'openssl -noout -subject' gives this:

subject=/OU=unit #1/O=org/OU=unit #2

On the other hand, 'var_dump( openssl_csr_get_subject( "..." ) )' will produce this:

csr = array(2) {
["OU"]=>
array(2) {
[0]=>
string(7) "unit #1"
[1]=>
string(7) "unit #2"
}
["O"]=>
string(3) "org"
}

As you can see, ordering information (which may be important for some applications) is lost.
up
0
mikko koivu
14 years ago
this function does not yet return SANs (subject alternative names) fields for UC certificates like those used in exchange 2007.
up
-1
stephan[at]strato-rz[dot]de
15 years ago
The returning assoziative array is indexed with the fields
in the subject so you should have a array key named CN,OU and so on.
To Top