ukrbublik / openssl_x509_crl
Missing OpenSSL function on PHP to create CRL (certificate revocation list) for CA
Installs: 2 011
Dependents: 0
Suggesters: 0
Security: 0
Stars: 17
Watchers: 4
Forks: 7
Open Issues: 0
Requires
- php: >=5.3.0
- ext-bcmath: *
- ext-openssl: *
This package is not auto-updated.
Last update: 2025-03-02 05:18:48 UTC
README
Description:
If you want to create own Certification authority (CA) on pure PHP with OpenSSL extension, you need a function to create certificate revocation list (CRL) which is missing in OpenSSL extension (request #40046).
This lib implements such function - openssl_x509_crl()
Usage example:
use Ukrbublik\openssl_x509_crl\X509; use Ukrbublik\openssl_x509_crl\X509_CERT; use Ukrbublik\openssl_x509_crl\X509_CRL; $ci = array( 'no' => 1, 'version' => 2, 'days' => 30, 'alg' => OPENSSL_ALGO_SHA1, 'revoked' => array( array( 'serial' => '101', 'rev_date' => time(), 'reason' => X509::getRevokeReasonCodeByName("cessationOfOperation"), 'compr_date' => strtotime("-1 day"), 'hold_instr' => null, ) ) ); $ca_pkey = openssl_pkey_get_private(file_get_contents('ca_key.key')); $ca_cert = X509::pem2der(file_get_contents('ca_cert.cer')); $crl_data = openssl_x509_crl($ci, $ca_pkey, $ca_cert); //$crl_data contains CRL in DER format