1

I am working on OpenSSL in Windows 8.1, Wamp Apache Version: 2.4.9 PHP Version: 5.5.12. And I ended up with the following error:

enter image description here

My PHP code is given below. WAMP is unable to generate private key. 

$privateKey = openssl_pkey_new(array(
    'private_key_bits' => 384,      // Size of Key.
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
));

openssl_pkey_export($privateKey, $privKey, null, ['config' =>   'C:/wamp/bin/apache/apache2.4.9/conf/openssl.cnf']);
$a_key = openssl_pkey_get_details($privateKey);

file_put_contents('keys/'.$username.'_public.key', $a_key['key']);
file_put_contents('keys/'.$username.'_private.key', $privKey);
openssl_free_key($privateKey);

Can anyone please help me in running OpenSSL in Windows. Thanks in advance.

jww
  • 97,681
  • 90
  • 411
  • 885
Pritam
  • 39
  • 5
  • Some OpenSSL failures on Windows are related to the ***`.rnd`*** file and saving its state. See, for example, [How to fix “unable to write 'random state' ” in openssl](http://stackoverflow.com/q/12507277/608639). – jww Mar 18 '16 at 07:28
  • What, exactly, is the error you are trying to fix? The question seems to be changing as folks help you with your problem. – jww Mar 19 '16 at 00:48
  • @jww I was not able to generate public and private key using openssl in wamp. Which is solved now. The answer below solves the issue. – Pritam Mar 21 '16 at 00:54

2 Answers2

3

Your question isn't much specific but I can say that you're calling openssl_pkey_export with wrong fourth argument. It should be array with config key instead of just string. config key is needed also for openssl_pkey_new. 

<?php

$privateKey = openssl_pkey_new([
    'private_key_bits' => 384,
    'private_key_type' => OPENSSL_KEYTYPE_RSA,
    'config' => 'C:/wamp/bin/apache/apache2.4.9/conf/openssl.cnf'
]);

openssl_pkey_export($privateKey, $privKey, null, [
    'config' => 'C:/wamp/bin/apache/apache2.4.9/conf/openssl.cnf'
]);

$a_key = openssl_pkey_get_details($privateKey);

var_dump($privKey); // Just to test output

file_put_contents('keys/'.$username.'_public.key', $a_key['key']);
file_put_contents('keys/'.$username.'_private.key', $privKey);

openssl_free_key($privateKey);

Hope that's help

kba
  • 4,190
  • 2
  • 15
  • 24
  • Hi, Thank you for taking the time to help me here. I tried the code given above. It still produces the same warning. Warning: openssl_pkey_export(): cannot get key from parameter 1 – Pritam Mar 18 '16 at 07:13
  • The other errors are linked to the first one. Once this is fixed those will not be a problem. – Pritam Mar 18 '16 at 07:14
  • No, it isn't produce same warning. Original warning was `... expects parameter 4 to be array ...`. It's solved. Now, you have problem with content of `$privateKey` variable (warning `... cannot get key from parameter 1 ...`). As I said, I can't help you more without whole source code. – kba Mar 18 '16 at 07:43
  • Please check the code above. I have edited the post. – Pritam Mar 18 '16 at 07:56
  • Well, I think `openssl_pkey_new` function needs also `config` key in configuration array. Try to dump value of `$privateKey`. I guess it will be `false`. – kba Mar 18 '16 at 08:11
  • I added config key as you said. The error is solved but the key is generated as following `-----BEGIN PUBLIC KEY----- MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxALxt85c/oYLMqn7GW2RDZBBs59ho2Y8u 8CUINbMG4Pqm1zpV3S2a0dImVJb0P8CB7QIDAQAB -----END PUBLIC KEY----- ` And it generates the same key every time. It should not generate the header and footer along with the key – Pritam Mar 18 '16 at 08:37
  • 1
    It's too many questions. Two things - private key is in PEM format. Header and footer are valid then. Are you sure it really generates same key every time? I edited my answer to reflect your updated question. – kba Mar 18 '16 at 08:39
  • Yes I am sure. I tried 2 times after fixing `openssl_pkey_new` as you suggested. I also tried once more now. It is generating same key every time. – Pritam Mar 18 '16 at 08:44
  • 1
    Ok, I don't know what to say more. Everytime if I run final version of script on my system (Windows 7, PHP 5.5.28), the PEM formatted private key is not the same. I inspect output by `var_dump` in the middle of script. If you think that it's another issue, you can create a new question. – kba Mar 18 '16 at 08:58
0

I had similiar problem and I figured out, that WAMPserver do not have default CA installed. How to fix it:

Also make sure that OPENSSL_CONF environmental variable is set to c:\wamp\bin\apache\apache2.4.9\conf\openssl.cnf

user22600
  • 563
  • 4
  • 7