openssl_csr_sign() (openssl extension)

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

I'm running php 5.03 and attempting to use the openssl_csr_sign() function

Everything works great except for the configargs optional array

Prototype is:

openssl_csr_sign ( mixed csr, mixed cacert, mixed priv_key, int days [,
array configargs [, int serial]] )

function call is:

$config = array("x509_extensions" => "auth_only");

$userscert = openssl_csr_sign($csr, $cacert, $privkey, 365, $config,11);
where openssl.conf has an [auth_only] section of:

# These extensions are added when 'ca' signs a request.

basicConstraints = CA:FALSE
nsCertType       = client
keyUsage         = digitalSignature
nsComment        = "Authentication Only Certificate"
extendedKeyUsage = clientAuth

A certificate is signed, but without the specified extensions.

Does anyone have any experience with using this function? or this extension?

Site Timeline