Key Usage, serverAuth, clientAuth and openssl_csr_sign()

Asked Oct 11 '16 at 18:21

Active Oct 11 '16 at 18:51

Viewed 449 times

Is it possible with PHP to set key usage when signing requests with openssl_csr_sign() using a CA certificate? I cant find any info regarding this.

I really want to differentiate on Client and Server certificates.

edited Oct 11 '16 at 18:51

jww

asked Oct 11 '16 at 18:21

I believe you have to do it with a CONF file. There's another redirection trick, but I don't know how easy it is in PHP. Also see [How do you sign Certificate Signing Request with your Certification Authority](http://stackoverflow.com/a/21340898/608639) and [How to create a self-signed certificate with openssl?](http://stackoverflow.com/q/10175812/608639). Both use the CONF files to tune a certificate and request. – jww Oct 11 '16 at 18:52
*"I really want to differentiate on Client and Server certificates...."* - Client and Server certificates are just end-entity certificates. I believe there are better ways to signal Client and Server certificates. You probably want to take the topic up on [Information Security Stack Exchange](http://security.stackexchange.com/). Its better suited for these types of discussions. – jww Oct 11 '16 at 18:55

0 Answers0