PHP openssl_x509_parse doesn't return data for CSR

Question

I used the following command to generate a CSR:

openssl req -nodes -newkey rsa:2048 -keyout mytestserver.key -out mytestserver.csr

I tried to decode the mytestserver.csr with the following PHP code:

<?php

$mydata="-----BEGIN CERTIFICATE REQUEST-----
MIICyDCCAbACAQAwgYIxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJOSDEQMA4GA1UE
BxMHQ29uY29yZDESMBAGA1UEChMJTXljb21wYW55MQswCQYDVQQLEwJJVDETMBEG
A1UEAxMKbXl0ZXN0LmNvbTEeMBwGCSqGSIb3DQEJARYPdGVzdGVyQHRlc3QuY29t
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3CcljODQKIJQ9xnPFydW
E6fRphmfxtDZF46/J6jT7ctzG3Mv//8p9ene60BCDIWdWiDXvUUUc02nb/qiiaP5
lALl6XeLKOKs6ZEC/lknDfgOBSjqvLz+UzlOXjRdhBpaawaEbVw4rh6idHWIOFGT
lzuHmE8YBmJ7R+tfhmEETk5XtPRZ3RL173HH2R/f2YCh0uhMr4GqXVfHtWrkpiw7
gXjvaXFeQhslTSP7Pru8j39uYKqubwLTyJ1uoqHVVOIqmswz+WfSvn+c86VK44p0
oQQnFL1gHoUWBHSbTmU49ufOWog9oLHOo9GUnMRg9TntGL0s55rfmSTZ+qtyB8Lc
7wIDAQABoAAwDQYJKoZIhvcNAQEEBQADggEBALglJeJUBEmxTy1hE0jG4cPAaJe5
FOqaVCUDm4YeoTpLfYLgE7ZkWuqkhZdw4TR9wu4DkiYo9z94avrKzFj2Kq1JHjUX
weYAHzGxtFO2IUuz7DSGfSvfJ0mMkAH+QtaxNUV2olnrdA8T5hRzgbZT2RTCc0GV
iSyCKXj4O/yRt0lbBCdM/Lja3Yga2BrFtvcsqnaDO6kIj+x1YCpL3cpRsm+3XbvH
dE02+hB/iHC0bE4lQciPCASOiXbMWASWxofFjyRCP+Ha+np/FqoxRF6DIUu10dCS
wV2kkbQQhNsFuMzCJvYudsmG1ULUfjUTvCAgO9kdBweNg3nklzetoSWoE5k=
-----END CERTIFICATE REQUEST-----";

print ("\r\n begin");
print_r(openssl_x509_parse($mydata));

print ("\r\n end");

But it gives an empty result.

Any idea of how to use PHP's OpenSSL library to decode the RSA CSR I generated?

while debuggging, use var_dump() , not print_r() , also, make sure you're using error_reporting(E_ALL); — hanshenrik, Dec 24 '15 at 21:01

score 3 · Accepted Answer · answered Dec 24 '15 at 21:03

3

openssl_x509_parse() is used to "parse an X509 certificate." To parse a certificate signing request, you can use openssl_csr_get_subject() and openssl_csr_get_public_key().

To retrieve the public key details you would then use openssl_pkey_get_details():

$keyres = openssl_csr_get_public_key($mydata);
$key = openssl_pkey_get_details($keyres);
echo "$key[bits] bit public key follows:\n$key[key]\n";

answered Dec 24 '15 at 21:03

miken32

42,008
16
111
154

miken32, thank you very much for your suggestion. Actually, I tried to generate the O, OU, UN, emailAddress values from the input CSR. I figured out the function I can use based on the hint you gave me: openssl_csr_get_subject($mydata) can generate the array of values I need. Thanks again. – mnnmountain Dec 27 '15 at 03:06

PHP openssl_x509_parse doesn't return data for CSR

1 Answers1