By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,784 Members | 3,274 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,784 IT Pros & Developers. It's quick & easy.

openssl_csr_new() not working... getting a 404 error !

P: n/a
Hi !

I am currently changing the server for my website, and i make a heavy
use of openssl functions.

Both servers use PHP4.3.3 with OpenSSL 0.9.6i.

I was actually testing with this code, taken out from PHP's
documentation :

<?php
// Fill in data for the distinguished name to be used in the cert
// You must change the values of these keys to match your name and
// company, or more precisely, the name and company of the person/site
// that you are generating the certificate for.
// For SSL certificates, the commonName is usually the domain name of
// that will be using the certificate, but for S/MIME certificates,
// the commonName will be the name of the individual who will use the
// certificate.
$dn = array(
"countryName" => "UK",
"stateOrProvinceName" => "Somerset",
"localityName" => "Glastonbury",
"organizationName" => "The Brain Room Limited",
"organizationalUnitName" => "PHP Documentation Team",
"commonName" => "Wez Furlong",
"emailAddress" => "we*@php.net"
);

// Generate a new private (and public) key pair
$privkey = openssl_pkey_new();

// Generate a certificate signing request
$csr = openssl_csr_new($dn, $privkey);

// You will usually want to create a self-signed certificate at this
// point until your CA fulfills your request.
// This creates a self-signed cert that is valid for 365 days
$sscert = openssl_csr_sign($csr, null, $privkey, 365);

// Now you will want to preserve your private key, CSR and self-signed
// cert so that they can be installed into your web server, mail
server
// or mail client (depending on the intended use of the certificate).
// This example shows how to get those things into variables, but you
// can also store them directly into files.
// Typically, you will send the CSR on to your CA who will then issue
// you with the "real" certificate.
openssl_csr_export($csr, $csrout) and debug_zval_dump($csrout);
openssl_x509_export($sscert, $certout) and debug_zval_dump($certout);
openssl_pkey_export($privkey, $pkeyout, "mypassword") and
debug_zval_dump($pkeyout);

// Show any errors that occurred here
while (($e = openssl_error_string()) !== false) {
echo $e . "\n";
}
?>

It is working perfectly fine on my previous server ( as it should).
However, not on the new server.

What is strange is I am not getting any error return. Just a plain
"Page not found" error. The error occurs whenever I put a
openssl_csr_new() call in my page. I can generate private key
flawlessly, but not generate any certificate...

Do you have any idea of what is happening ?

Both server's are using PHP of the same version, OpenSSL too ( same
version). the only noticeable difference is :
-The new one is using ZEND performance suite ( licensed )

-New server ( failing) configure command :
Configure Command './configure'
'--with-apxs=/usr/local/apache/bin/apxs' '--with-dbase'
'--with-filepro' '--with-xml' '--enable-ftp' '--with-db'
'--enable-bcmath' '--enable-calendar' '--with-jpeg-dir'
'--with-png-dir' '--with-gd' '--enable-gd-native-ttf'
'--with-freetype-dir' '--with-gettext' '--with-pgsql=/usr'
'--with-mysql=/usr' '--with-zlib-dir' '--enable-trans-sid'
'--with-imap' '--with-kerberos' '--with-imap-ssl' '--with-openssl'
'--enable-sysvsem' '--enable-sysvshm' '--with-curl=/usr/local/lib'

-Old server ( OK) configure commands :
'./configure' '--enable-discard-path'
'--with-config-file-path=/usr/local/lib' '--enable-sigchild'
'--enable-magic-quotes' '--enable-short-tags' '--with-exec-dir=/home/'
'--with-openssl' '--disable-rpath' '--enable-libgcc' '--disable-pic'
'--with-zlib=/' '--enable-bcmath' '--enable-calendar'
'--with-curl=/usr/local' '--with-gdbm=/usr'
'--with-db3=/usr/local/BerkeleyDB.3.3' '--enable-dbase'
'--enable-xslt' '--with-xslt-sablot' '--with-dom' '--with-dom-xslt'
'--with-dom-exslt' '--enable-exif' '--enable-mbstring'
'--enable-mbregex' '--enable-filepro' '--enable-ftp'
'--with-ming=/usr/local' '--with-gd=/usr/local'
'--enable-gd-native-tt' '--with-jpeg-dir=/usr'
'--with-png-dir=/usr/local' '--with-ttf=/usr/local'
'--with-t1lib=/usr' '--with-gettext=/usr' '--with-imap=/usr/local'
'--with-kerberos' '--with-imap-ssl' '--with-mcrypt=/usr/local'
'--with-mhash=/usr/local' '--with-mysql=/usr'
'--with-pdflib=/usr/local' '--with-jpeg-dir=/usr'
'--with-png-dir=/usr/local' '--with-tiff-dir=/usr'
'--with-sablot=/usr/local' '--with-expat-dir=/usr'
'--enable-trans-sid' '--with-regex=system' '--enable-sysvsem'
'--enable-sysvshm' '--enable-wddx' '--with-zziplib=/usr'
'--enable-inline-optimization' '--with-gnu-ld'

Thanks for your help ! It's been 2 days I'm stuck on that thing :( :(

tetedeiench
Jul 17 '05 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.