3

I am currently writing a script to generate CSRs through a web interface for submission to generate a certificate. My current issue is that I want to generate a SAN certificate but I can't find any information on how to add the subjectAlternateName into the generated certificate request.

My current code is:

$private_key = openssl_pkey_new( array( 'private_key_bits' => 2048 ) );
$domain_data = [
    "countryName"            => 'GB',
    "stateOrProvinceName"    => 'Countyname',
    "localityName"           => 'townname',
    "organizationName"       => 'Company ltd.',
    "organizationalUnitName" => "IT",
    "emailAddress"           => 'IT@example.com',
    "commonName"             => 'example.com',
];
$config_args = ['private_key_bits' => 2048];
$attributes = [];

$csr = openssl_csr_new( $domain_data, $private_key, $config_args, $attributes );

openssl_csr_export( $csr, $csr_out );

Adding subjectAlternateName into the $domain_data array doesn't appear to add anything into the CSR when I parse it later.

Is it possible to do this directly in PHP?

Flibx
  • 95
  • 1
  • 7
  • 1
    Da codez, plz! You might want to read [How do I ask a good question](http://stackoverflow.com/help/how-to-ask), which enhances the probability for getting a useful answer _drastically_. You might find [ESR](https://en.m.wikipedia.org/wiki/Eric_S._Raymond)'s excellent essay [How To Ask Questions The Smart Way](http://catb.org/~esr/faqs/smart-questions.html) helpful, too. – Markus W Mahlberg Nov 17 '15 at 11:29
  • I dont think this is possible. Read this https://bugs.php.net/bug.php?id=71050 – kapad Jul 14 '19 at 19:10

1 Answers1

1

I have managed to solve this by generating a temporary copy of my openssl.cnf file with the subjectAltName line injected into it. This config can then be loaded by setting $config_args['config'] = $temporaryfilepath

Flibx
  • 95
  • 1
  • 7
  • i vote -1. in a shell using opoenssl yes its ok. But using php, are you sure you did it ? where is the config file ? this is not an answer anyway ... – kapad Jul 14 '19 at 19:05