I'm running php 5.03 and attempting to use the openssl_csr_sign() function
Everything works great except for the configargs optional array
Prototype is:
openssl_csr_sign ( mixed csr, mixed cacert, mixed priv_key, int days [,
array configargs [, int serial]] )
function call is:
<?
putenv("OPENSSL_CONF=/services/www/content/xlr8ed.ns.gatech.edu/html/insecure/kalamos/openssl.conf");
$config = array("x509_extensions" => "auth_only");
$userscert = openssl_csr_sign($csr, $cacert, $privkey, 365, $config,11);
?>
where openssl.conf has an [auth_only] section of:
[auth_only]
# These extensions are added when 'ca' signs a request.
basicConstraints = CA:FALSE
nsCertType = client
keyUsage = digitalSignature
nsComment = "Authentication Only Certificate"
extendedKeyUsage = clientAuth
A certificate is signed, but without the specified extensions.
Does anyone have any experience with using this function? or this extension?