I'm having trouble getting Google's php sdk to accept the p12 file download directly (twice actually) from Google's Dev Console. The appropriate api permissions should all be in place.
The file is readable by the server and my host (MediaTemple Grid Server) says that there isn't anything that should be blocking this on their end.
Is this a problem in Google's own sdk or am I doing something wrong?
The error is PHP Fatal error: Uncaught exception 'Google_Auth_Exception' with message 'Unable to parse the p12 file. Is this a .p12 file? Is the password correct? OpenSSL error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long'
[26-Mar-2015 12:39:52 America/New_York] PHP Fatal error: Uncaught exception 'Google_Auth_Exception' with message 'Unable to parse the p12 file. Is this a .p12 file? Is the password correct? OpenSSL error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long' in /vendor/google/apiclient/src/Google/Signer/P12.php:53
Stack trace:
#0 /vendor/google/apiclient/src/Google/Auth/AssertionCredentials.php(130): Google_Signer_P12->__construct('0\xEF\xBF\xBD\x06\xEF\xBF\xBD\x02\x01\x030\xEF\xBF\xBD...', 'notasecret')
#1 /vendor/google/apiclient/src/Google/Auth/AssertionCredentials.php(107): Google_Auth_AssertionCredentials->makeSignedJwt(Array)
#2 /vendor/google/apiclient/src/Google/Auth/OAuth2.php(306): Google_Auth_AssertionCredentials->generateAssertion()
#3 /vendor/google/apiclient/src/Google/Auth/OAuth2.php(233): Google_Auth_OAuth2->refreshTokenWithAssertion()
#4 /vendor/google/apiclient/src/Google/Service/Resource.php(208): Google_Auth_OAuth2->sign(Object(Google_Http_Request))
#5 /vendor/google/apiclient/src/Google/Service/Datastore.php(232): Google_Service_Resource->call('runQuery', Array, 'Google_Service_...')
#6 /vendor/tomwalder/php-gds/src/GDS/Gateway.php(360): Google_Service_Datastore_Datasets_Resource->runQuery('SomeName', Object(Google_Service_Datastore_RunQueryRequest))
#7 /vendor/tomwalder/php-gds/src/GDS/Gateway.php(305): GDS\Gateway->executeQuery(Object(Google_Service_Datastore_GqlQuery))
#8 /vendor/tomwalder/php-gds/src/GDS/Store.php(270): GDS\Gateway->gql('SELECT * FROM `...', NULL)
#9 /datastore_test/simple.php(28): GDS\Store->fetchOne()
#10 {main}
thrown in /vendor/google/apiclient/src/Google/Signer/P12.php on line 53
Update ... yeah files would be helpful. :)
config.php
<?php
/**
* Template Configuration file for php-gds examples
*
* @author Tom Walder <tom@docnet.nu>
*/
define('GDS_APP_NAME', 'NAME');
define('GDS_KEY_FILE_PATH', dirname(__FILE__) . '/google-generated-keyname.p12');
define('GDS_SERVICE_ACCOUNT_NAME', 'NAME-No');
define('GDS_DATASET_ID', 'DataStore');
$certs = array();
$pkcs12 = file_get_contents( GDS_KEY_FILE_PATH );
// No password
openssl_pkcs12_read( $pkcs12, $certs, "notasecret" );
//echo $certs['cert'];
$data[0] = $certs['cert'];
$data[1] = 'notasecret';
Google's p12.php
// If the private key is provided directly, then this isn't in the p12
// format. Different versions of openssl support different p12 formats
// and the key from google wasn't being accepted by the version available
// at the time.
if (!$password && strpos($p12, "-----BEGIN RSA PRIVATE KEY-----") !== false) {
$this->privateKey = openssl_pkey_get_private($p12);
} else {
// This throws on error
$certs = array();
if (!openssl_pkcs12_read($p12, $certs, $password)) {
throw new Google_Auth_Exception(
"Unable to parse the p12 file. " .
"Is this a .p12 file? Is the password correct? OpenSSL error: " .
openssl_error_string()
);
}
// TODO(beaton): is this part of the contract for the openssl_pkcs12_read
// method? What happens if there are multiple private keys? Do we care?
if (!array_key_exists("pkey", $certs) || !$certs["pkey"]) {
throw new Google_Auth_Exception("No private key found in p12 file.");
}
$this->privateKey = openssl_pkey_get_private($certs['pkey']);
}
Related to Getting "Unable to parse the p12 file..." Error With google-api-php-client
