New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
X509 certificate save with v3 #1665
Comments
Can you post your code? I just tried this and had no issues: $keyBundle = '-----BEGIN CERTIFICATE-----
MIIDITCCAoqgAwIBAgIQT52W2WawmStUwpV8tBV9TTANBgkqhkiG9w0BAQUFADBM
MQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkg
THRkLjEWMBQGA1UEAxMNVGhhd3RlIFNHQyBDQTAeFw0xMTEwMjYwMDAwMDBaFw0x
MzA5MzAyMzU5NTlaMGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MRYwFAYDVQQHFA1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKFApHb29nbGUgSW5jMRcw
FQYDVQQDFA53d3cuZ29vZ2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkC
gYEA3rcmQ6aZhc04pxUJuc8PycNVjIjujI0oJyRLKl6g2Bb6YRhLz21ggNM1QDJy
wI8S2OVOj7my9tkVXlqGMaO6hqpryNlxjMzNJxMenUJdOPanrO/6YvMYgdQkRn8B
d3zGKokUmbuYOR2oGfs5AER9G5RqeC1prcB6LPrQ2iASmNMCAwEAAaOB5zCB5DAM
BgNVHRMBAf8EAjAAMDYGA1UdHwQvMC0wK6ApoCeGJWh0dHA6Ly9jcmwudGhhd3Rl
LmNvbS9UaGF3dGVTR0NDQS5jcmwwKAYDVR0lBCEwHwYIKwYBBQUHAwEGCCsGAQUF
BwMCBglghkgBhvhCBAEwcgYIKwYBBQUHAQEEZjBkMCIGCCsGAQUFBzABhhZodHRw
Oi8vb2NzcC50aGF3dGUuY29tMD4GCCsGAQUFBzAChjJodHRwOi8vd3d3LnRoYXd0
ZS5jb20vcmVwb3NpdG9yeS9UaGF3dGVfU0dDX0NBLmNydDANBgkqhkiG9w0BAQUF
AAOBgQAhrNWuyjSJWsKrUtKyNGadeqvu5nzVfsJcKLt0AMkQH0IT/GmKHiSgAgDp
ulvKGQSy068Bsn5fFNum21K5mvMSf3yinDtvmX3qUA12IxL/92ZzKbeVCq3Yi7Le
IOkKcGQRCMha8X2e7GmlpdWC1ycenlbN0nbVeSv3JUMcafC4+Q==
-----END CERTIFICATE-----';
$x509 = new X509();
$currentCert = $x509->loadX509($keyBundle);
$certificate = $x509->saveX509($currentCert);
echo $certificate; You're variable name is |
@terrafrost My code looks the same. Except for the certificate of course:
So it's probably related to this... But why does it work with version 2 then? 🤔 |
The difference between your cert and mine is that my cert is an explicit v3 certificate whereas yours is an implicit v1. https://datatracker.ietf.org/doc/html/rfc5280#section-4.1.2.1 elaborates. As for why 2.0 and 3.0 are behaving differently, it looks like this change is the culprit: df6d55fd9#diff-57cc479dd479cdfa730fe27c7575feb2aef950ad5e83015475fcbbd3ae638b3a I'll try to revert that change for that specific file this evening. Maybe that'll break some existant unit tests or maybe it won't idk. Either way I'll need to add a unit test for this as well. In the mean time I need to get ready for work lol. Thanks for bringing this to my attention! |
d7c96eb should fix this. Thanks! |
@terrafrost Awesome thanks! Do you know when the next version is going to be released? |
I'll try to do so in the next few weeks. I want to implement one thing, in particular, before the next release. Thanks! |
@terrafrost With |
For example:
|
Seems to be working fine for me?:
|
@terrafrost In your snippet you didn't call |
Seems to be working fine for me, even with $keyBundle = '-----BEGIN CERTIFICATE-----
MIIDETCCAfkCFDzsb7zcQiLAyBlyCkNV0jzbfBgtMA0GCSqGSIb3DQEBCwUAMEUx
CzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRl
cm5ldCBXaWRnaXRzIFB0eSBMdGQwHhcNMjEwNjE0MDg1MzQzWhcNMjIwNjE0MDg1
MzQzWjBFMQswCQYDVQQGEwJBVTETMBEGA1UECAwKU29tZS1TdGF0ZTEhMB8GA1UE
CgwYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEAyK4VvJCAGGIze1SUNDQU9t1GPph77iI3GtI4tZOa+r+GAUqz
zyCe9JRYIq6p3KlekG5hnGsmy+QQD3udQklOOA/IadPyX0YGyL10chtmKVw/d40q
rFPktq6k0haS2vvvYkIXU0+8EvOeLYZ7vp1rtLDvHf4a6G4bVAzJIG9nqEm6VF6n
iFwCVEWhp2WOdRoZbSooPeYx3B4iGm/aJJbk2anbRVFy5tMjaE1ySt+ByKUBlb6x
bkJ1IlhXnXfN1kCl7UmG23Bilog53b5xWIj+5Du+BW3BOxfOnKIc6TzDByYOu63J
RAg6C75AHS8sw/HYLS9ZBnFHuWk7UuRstmXvRQIDAQABMA0GCSqGSIb3DQEBCwUA
A4IBAQBcntVtMSVy59DZxyWJ4WOCLyPUnJKoXY+zuYKVeBXTnW9acrQz1Le8N7RL
7E2If4fevCkvp/G/hHMbcUw0fz09iMRFVdlodW7+RyrcX1UBKvGwzTj/d3z+A70C
Pd3J9rGXepOzjSEAD4Elka6iMb29HiLci9vWbt9umYm5oRMU04V+NJxl8IgJMbB2
+gNSSzKaINCrf3RFnzmKgmHyKwhPFhVovrVvInHzkKlG+D84NPYtvafjC3vG0joP
rrtHL9aVubD+fDwa9XEVdcn9r+n0xdQU3YP0y/K/303smdZH7iokja7RjIIHppPD
bHwP8oAzBoxfgoiCcZUsfuGjE4hT
-----END CERTIFICATE-----';
$x509 = new X509();
$currentCert = $x509->loadX509($keyBundle);
$certificate = $x509->saveX509($currentCert);
echo $certificate; |
Oookay, you're right, it works. I though it did not directly after the upgrade to 3.0.9, but maybe that was due to my setup... anyway, thanks for your help 👍 |
I'm having troubles getting the certificate back when calling
saveX509()
. In v2 I would do something like:$certificate
was identical to$keyBundle
(which is basically my certificate). With v3 this behavior changed for me. I adapted the code like this:But
$certificate
now is empty:-----BEGIN CERTIFICATE----------END CERTIFICATE-----
.Any ideas?
The text was updated successfully, but these errors were encountered: