reference/openssl/functions/openssl-csr-sign.xml
6338117af97ec5a8d5d8e1b1ba632918f8147e2e
6338117af97ec5a8d5d8e1b1ba632918f8147e2e
...
...
@@ -1,25 +1,25 @@
1
1
<?xml version="1.0" encoding="utf-8"?>
2
2
<!-- $Revision$ -->
3
-
<refentry xmlns="http://docbook.org/ns/docbook" xml:id="function.openssl-csr-sign">
3
+
<refentry xml:id="function.openssl-csr-sign" xmlns="http://docbook.org/ns/docbook">
4
4
<refnamediv>
5
5
<refname>openssl_csr_sign</refname>
6
-
<refpurpose>Sign a CSR with another certificate (or itself) and generate a certificate</refpurpose>
6
+
<refpurpose>Sign a <acronym>CSR</acronym> with another certificate (or itself) and generate a certificate</refpurpose>
7
7
</refnamediv>
8
8
9
9
<refsect1 role="description">
10
10
&reftitle.description;
11
11
<methodsynopsis>
12
-
<type>resource</type><methodname>openssl_csr_sign</methodname>
13
-
<methodparam><type>mixed</type><parameter>csr</parameter></methodparam>
14
-
<methodparam><type>mixed</type><parameter>cacert</parameter></methodparam>
15
-
<methodparam><type>mixed</type><parameter>priv_key</parameter></methodparam>
12
+
<type class="union"><type>OpenSSLCertificate</type><type>false</type></type><methodname>openssl_csr_sign</methodname>
13
+
<methodparam><type class="union"><type>OpenSSLCertificateSigningRequest</type><type>string</type></type><parameter>csr</parameter></methodparam>
14
+
<methodparam><type class="union"><type>OpenSSLCertificate</type><type>string</type><type>null</type></type><parameter>ca_certificate</parameter></methodparam>
15
+
<methodparam><modifier role="attribute">#[\SensitiveParameter]</modifier><type class="union"><type>OpenSSLAsymmetricKey</type><type>OpenSSLCertificate</type><type>array</type><type>string</type></type><parameter>private_key</parameter></methodparam>
16
16
<methodparam><type>int</type><parameter>days</parameter></methodparam>
17
-
<methodparam choice="opt"><type>array</type><parameter>configargs</parameter></methodparam>
17
+
<methodparam choice="opt"><type class="union"><type>array</type><type>null</type></type><parameter>options</parameter><initializer>&null;</initializer></methodparam>
18
18
<methodparam choice="opt"><type>int</type><parameter>serial</parameter><initializer>0</initializer></methodparam>
19
+
<methodparam choice="opt"><type class="union"><type>string</type><type>null</type></type><parameter>serial_hex</parameter><initializer>&null;</initializer></methodparam>
19
20
</methodsynopsis>
20
21
<para>
21
-
<function>openssl_csr_sign</function> generates an x509 certificate
22
-
resource from the given CSR.
22
+
<function>openssl_csr_sign</function> generates an x509 certificate from the given <acronym>CSR</acronym>.
23
23
</para>
24
24
¬e.openssl.cnf;
25
25
</refsect1>
...
...
@@ -32,29 +32,29 @@
32
32
<term><parameter>csr</parameter></term>
33
33
<listitem>
34
34
<para>
35
-
A CSR previously generated by <function>openssl_csr_new</function>.
36
-
It can also be the path to a PEM encoded CSR when specified as
35
+
A <acronym>CSR</acronym> previously generated by <function>openssl_csr_new</function>.
36
+
It can also be the path to a <acronym>PEM</acronym> encoded <acronym>CSR</acronym> when specified as
37
37
<filename>file://path/to/csr</filename> or an exported string generated
38
38
by <function>openssl_csr_export</function>.
39
39
</para>
40
40
</listitem>
41
41
</varlistentry>
42
42
<varlistentry>
43
-
<term><parameter>cacert</parameter></term>
43
+
<term><parameter>ca_certificate</parameter></term>
44
44
<listitem>
45
45
<para>
46
-
The generated certificate will be signed by <parameter>cacert</parameter>.
47
-
If <parameter>cacert</parameter> is &null;, the generated certificate
46
+
The generated certificate will be signed by <parameter>ca_certificate</parameter>.
47
+
If <parameter>ca_certificate</parameter> is &null;, the generated certificate
48
48
will be a self-signed certificate.
49
49
</para>
50
50
</listitem>
51
51
</varlistentry>
52
52
<varlistentry>
53
-
<term><parameter>priv_key</parameter></term>
53
+
<term><parameter>private_key</parameter></term>
54
54
<listitem>
55
55
<para>
56
-
<parameter>priv_key</parameter> is the private key that corresponds to
57
-
<parameter>cacert</parameter>.
56
+
<parameter>private_key</parameter> is the private key that corresponds to
57
+
<parameter>ca_certificate</parameter>.
58
58
</para>
59
59
</listitem>
60
60
</varlistentry>
...
...
@@ -68,12 +68,12 @@
68
68
</listitem>
69
69
</varlistentry>
70
70
<varlistentry>
71
-
<term><parameter>configargs</parameter></term>
71
+
<term><parameter>options</parameter></term>
72
72
<listitem>
73
73
<para>
74
-
You can finetune the CSR signing by <parameter>configargs</parameter>.
74
+
You can finetune the <acronym>CSR</acronym> signing by <parameter>options</parameter>.
75
75
See <function>openssl_csr_new</function> for more information about
76
-
<parameter>configargs</parameter>.
76
+
<parameter>options</parameter>.
77
77
</para>
78
78
</listitem>
79
79
</varlistentry>
...
...
@@ -86,6 +86,18 @@
86
86
</para>
87
87
</listitem>
88
88
</varlistentry>
89
+
<varlistentry>
90
+
<term><parameter>serial_hex</parameter></term>
91
+
<listitem>
92
+
<para>
93
+
An optional hexadecimal string representing the serial number of the
94
+
issued certificate. If set, it takes precedence over the
95
+
<parameter>serial</parameter> parameter value. If not specified or set
96
+
to &null;, the <parameter>serial</parameter> parameter value is used
97
+
instead.
98
+
</para>
99
+
</listitem>
100
+
</varlistentry>
89
101
</variablelist>
90
102
</para>
91
103
</refsect1>
...
...
@@ -93,16 +105,68 @@
93
105
<refsect1 role="returnvalues">
94
106
&reftitle.returnvalues;
95
107
<para>
96
-
Returns an x509 certificate resource on success, &false; on failure.
108
+
Returns an <classname>OpenSSLCertificate</classname> on success, &false; on failure.
97
109
</para>
98
110
</refsect1>
99
111
112
+
<refsect1 role="changelog">
113
+
&reftitle.changelog;
114
+
<informaltable>
115
+
<tgroup cols="2">
116
+
<thead>
117
+
<row>
118
+
<entry>&Version;</entry>
119
+
<entry>&Description;</entry>
120
+
</row>
121
+
</thead>
122
+
<tbody>
123
+
<row>
124
+
<entry>8.4.0</entry>
125
+
<entry>
126
+
The <parameter>serial_hex</parameter> parameter is added.
127
+
</entry>
128
+
</row>
129
+
<row>
130
+
<entry>8.0.0</entry>
131
+
<entry>
132
+
On success, this function returns an <classname>OpenSSLCertificate</classname> instance now;
133
+
previously, a &resource; of type <literal>OpenSSL X.509</literal> was returned.
134
+
</entry>
135
+
</row>
136
+
<row>
137
+
<entry>8.0.0</entry>
138
+
<entry>
139
+
<parameter>csr</parameter> accepts an <classname>OpenSSLCertificateSigningRequest</classname> instance now;
140
+
previously, a &resource; of type <literal>OpenSSL X.509 CSR</literal> was accepted.
141
+
</entry>
142
+
</row>
143
+
<row>
144
+
<entry>8.0.0</entry>
145
+
<entry>
146
+
<parameter>ca_certificate</parameter> accepts an <classname>OpenSSLCertificate</classname> instance now;
147
+
previously, a &resource; of type <literal>OpenSSL X.509</literal> was accepted.
148
+
</entry>
149
+
</row>
150
+
<row>
151
+
<entry>8.0.0</entry>
152
+
<entry>
153
+
<parameter>private_key</parameter> accepts an <classname>OpenSSLAsymmetricKey</classname>
154
+
or <classname>OpenSSLCertificate</classname> instance now;
155
+
previously, a &resource; of type <literal>OpenSSL key</literal> or <literal>OpenSSL X.509</literal>
156
+
was accepted.
157
+
</entry>
158
+
</row>
159
+
</tbody>
160
+
</tgroup>
161
+
</informaltable>
162
+
</refsect1>
163
+
100
164
<refsect1 role="examples">
101
165
&reftitle.examples;
102
166
<para>
103
167
<example>
104
168
<title><function>openssl_csr_sign</function> example - signing a
105
-
CSR (how to implement your own CA)</title>
169
+
<acronym>CSR</acronym> (how to implement your own CA)</title>
106
170
<programlisting role="php">
107
171
<![CDATA[
108
172
<?php
...
...
@@ -139,7 +203,6 @@ while (($e = openssl_error_string()) !== false) {
139
203
</refsect1>
140
204
141
205
</refentry>
142
-
143
206
<!-- Keep this comment at the end of the file
144
207
Local variables:
145
208
mode: sgml
146
209