PHP stream_context_set_option SSL 证书作为字符串 [英] PHP stream_context_set_option SSL certificate as string
问题描述
我遇到了一个奇怪的问题.基本上,我需要这样做:
I've got a weird issue. Basically, I need to do this:
$handle = stream_context_create();
stream_context_set_option($handle , 'ssl', 'local_cert', '/tmp/cert');
不过.证书不作为服务器中的文件保存.相反,它是一个保存在集群数据库环境中的加密字符串.因此,证书不是文件名指针,而是证书的物理内容.所以我不需要使用文件名,而是需要指定证书的内容.
However. The certificate is not held as a file within the server. Rather it's an encrypted string held in a clustered database environment. So instead of the certificate being a file name pointer, its the physical content of the certificate. So instead of using the file name, I need to specify the content of the certificate instead.
例如:
$cert = '-----BEGIN CERTIFICATE-----....
upWbwmdMd61SjNCdtOpZcNW3YmzuT96Fr7GUPiDQ
-----END CERTIFICATE-----';
有谁知道我到底如何做到这一点?我正在为这个问题挠头,但我的直觉告诉我这是可行的.
Does anyone have any idea whatsoever how on earth I can do this? I'm scratching my head over this problem, but my gut instinct says it is doable.
先谢谢大家!
推荐答案
正如 Maerlyn 所说,似乎唯一的方法是将证书从内存写入临时文件,调用函数,发出请求,然后删除临时文件.
As Maerlyn said, it appears the only way to do this will be to write the certificate from memory to a temporary file, call the function, make the request, and then remove the temp file.
我查看了 PHP 源代码(相关代码这里)和当您发出将使用 SSL 的请求时,它会检查是否设置了 local_cert 上下文选项,如果设置了,则最终调用 OpenSSL 函数 SSL_CTX_use_PrivateKey_file 从磁盘文件中读取证书.
I looked at the PHP source code (relevant code here) and when you make a request that will use SSL, it checks to see if local_cert context option is set, and if so, ultimately calls the OpenSSL function SSL_CTX_use_PrivateKey_file which reads the certificate from a disk file.
请注意,在执行请求之前不会读取文件,因此在请求之后您不能删除临时文件,而不是在调用 stream_context_set_option 之后.
Take note that the file doesn't get read until the request is performed, so you can't delete the temp file until after your request, as opposed to after calling stream_context_set_option.
这篇关于PHP stream_context_set_option SSL 证书作为字符串的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
