stackoom
  简体   繁体   中英

how can i convert pfx to crt/pem on shared hosting like Godaddy with PHP Script?

 原文  2017-10-17 13:11:21       php/ digital-signature/ tcpdf/ php-openssl

Question

I need to create digitally signed PDF with PFX files. I am using TCPDF for this, but TCPDF works with PEM/CRT files. If i upload file on the shared hosting and try to convert the file it is always zero KB.

This is the code i have tried. 

exec('openssl pkcs12 -in cert.pfx -nocerts -out keyfile-encrypted.key');

2 answers

solution1
 1  2017-10-17 13:41:54

A few possibilities:

  • I believe for digital signing you need both the private key and the certificate, in PEM form. You've used the -nocerts option, so you're only getting the private key. Remove that option to keep the certificate as part of the PEM export.
  • If the PFX file you have is encrypted, then you need to somehow feed the encryption password to the openssl command to decrypt the PFX file. If you're getting a 0KB file from openssl , it is possible it's detecting the non-interactive nature of your request and exiting.
  • You need to specify the -nodes option on the openssl command to prevent openssl from trying to encrypt the resulting file. Again, if openssl is waiting for input (an encryption password) but detecting a non-interactive call, it may just be failing out without writing anything to the file.

  • Use the output and return var parameters of the exec call in PHP to determine what's going wrong:

    exec('openssl pkcs12 -in cert.pfx -nocerts -out keyfile-encrypted.key', $output, $retval);

The $output variable should contain the output from the command; the $retval variable will contain the return code, which you can then check against openssl's documentation.

solution2
 1  2018-07-22 14:35:02

I found this answer much more confusing than it needs to be. I wanted to use the pfx file to set up an Nginx reverse proxy. The use case is slightly different, but it boils down to the same: You need a .crt file and a .key file. This is done in two parts. I did this in a Linux terminal.

Get the Public Certificate file: 

openssl pkcs12 -in ./cert.pfx -clcerts -nokeys -out public.crt

Get the Private Key file: 

openssl pkcs12 -in ./cert.pfx -nocerts -nodes -out private.key

You might be asked for an "Import Password", which you will have to get from the originator of the .pfx file.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to convert PFX to CRT and PEM using PHP? PHP Curl request with CRT, PEM, PFX and Passphrase How can I install xpdf on a Godaddy Linux shared hosting server? How do I create a php.ini file for GoDaddy shared hosting? How to get PHP and PDO working in Godaddy shared hosting? GoDaddy php.ini on shared cpanel hosting… where, what and how? How to access the php.ini file in godaddy shared hosting linux How to install composer on godaddy shared hosting? How can I disable output buffering in PHP on shared Linux hosting? Code to remove .php worked initially but not on Godaddy shared hosting
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM