I need to create digitally signed PDF with PFX files. I am using TCPDF for this, but TCPDF works with PEM/CRT files. If i upload file on the shared hosting and try to convert the file it is always zero KB.
This is the code i have tried.
exec('openssl pkcs12 -in cert.pfx -nocerts -out keyfile-encrypted.key');
A few possibilities:
-nocerts
option, so you're only getting the private key. Remove that option to keep the certificate as part of the PEM export. openssl
command to decrypt the PFX file. If you're getting a 0KB file from openssl
, it is possible it's detecting the non-interactive nature of your request and exiting. openssl
command to prevent openssl
from trying to encrypt the resulting file. Again, if openssl
is waiting for input (an encryption password) but detecting a non-interactive call, it may just be failing out without writing anything to the file. Use the output and return var parameters of the exec
call in PHP to determine what's going wrong:
exec('openssl pkcs12 -in cert.pfx -nocerts -out keyfile-encrypted.key', $output, $retval);
The $output
variable should contain the output from the command; the $retval
variable will contain the return code, which you can then check against openssl's documentation.
I found this answer much more confusing than it needs to be. I wanted to use the pfx file to set up an Nginx reverse proxy. The use case is slightly different, but it boils down to the same: You need a .crt file and a .key file. This is done in two parts. I did this in a Linux terminal.
Get the Public Certificate file:
openssl pkcs12 -in ./cert.pfx -clcerts -nokeys -out public.crt
Get the Private Key file:
openssl pkcs12 -in ./cert.pfx -nocerts -nodes -out private.key
You might be asked for an "Import Password", which you will have to get from the originator of the .pfx file.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.