I need to generate a CSR key from a private key/cert
When doing this I get an error
openssl_csr_new(): dn: add_entry_by_NID 48 -> (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) test.php(33)
$dn = [
'commonName' => '123@-1552-21',// 'func_id@activationcode',
'organizationalUnitName'=> 'test',
'organizationName' => 'test',
'localityName' => 'DK',
'stateOrProvinceName' => 'DK',
'countryName' => 'DK',
'emailAddress' => ''
];
$csr = [
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
'encrypt_key' => true
];
$private_key = openssl_pkey_get_private('./1_0010444508001.pem');
$csr = openssl_csr_new($dn, $private_key, [
'digest_alg' => 'sha256'
]);
openssl_csr_export($csr, $csrout);
openssl_pkey_export($private_key, $pkeyout, '');
echo $csrout . "\n" . $pkeyout;
openssl_csr_new(): dn: add_entry_by_NID 48 -> (failed; check error queue and value of string_mask OpenSSL option if illegal characters are reported) test.php(33)
The problem is not the private key but the problem is in the dn. It complains that there is a problem adding the attribute with NID 48 to the CSR. NID 48 is the NID for emailAddress so it complains about the contents of this field. Looks like it should not be empty.