Getting an OpenSSL public key in PEM form, from a private key or a certificate.

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!


I'm working on a project making large use of OpenSSL to individually
encrypt items inside a database, but I've hit a stumbling block.

There appears to be absolutely no native PHP way (eg without a shell
call to openssl) to get the PEM encoded form of a public key, given
the private key and applicable passphrase.

The closest that can be gotten is a resource key, via:
$tmp = ... // PEM encoded certificate
$pubkey = openssl_pkey_get_public($tmp);
From this point however, there is still no way to get PHP to give me
the public key in a PEM encoding, for storage in the database. I've
tried all of the export functions, with various warnings returned from

Getting to the above point from scratch requires generating a
certificate request from the private key, and then a self-signed
certificate from that CSR. While this is doable, leaving out the
self-signed certificate step would produce a large increase in
performance as well.

The openssl command I wish to emulate is:
openssl rsa -pubout <privkey.pem

Surely there must be a way to achieve this simple action?

Site Timeline