| Methods |
public
|
__construct()
|
#
|
public
|
cert_exists(): bool
Check if certificate is installed for account
Check if certificate is installed for account
|
#
|
public
|
get_certificates(): array
Get certificate names installed on account
Get certificate names installed on account
|
#
|
public
|
key_exists($key = 'server.key')
|
#
|
public
|
install($key, $cert, $chain = null)
|
#
|
public
|
permitted()
|
#
|
public
|
valid(string $cert, string $pkey): bool
Verify that the named certificate and key
Verify that the named certificate and key
Parameters
| $cert |
x509 certificate
|
| $pkey |
private key
|
|
#
|
public
|
is_self_signed($crt): bool|void
Check if certificate issuer matches requestor
Check if certificate issuer matches requestor
|
#
|
public
|
self_sign(string $cn, array $sans = []): bool
Create a self-signed certificate
Create a self-signed certificate
|
#
|
public
|
parse_certificate(mixed $crt): array
Parse certificate and return information
Parse certificate and return information
Parameters
| $crt |
resource pointed by openssl_x509_read or string
|
|
#
|
public
|
resolve_chain(string $crt): bool|string
Resolve a certificate chain, downloading certificates as necessary
Resolve a certificate chain, downloading certificates as necessary
Parameters
|
#
|
public
|
verify_certificate_chain(mixed $cert1, mixed $cert2): int
Verify cert2 is a chain to cert1
Verify cert2 is a chain to cert1
Parameters
| $cert1 |
ssl certificate
|
| $cert2 |
ssl certificate
|
Returns
1 if cert2 is intermediate of cert1, -1 if cert1 intermediate of cert2, 0 if no match
|
#
|
public
|
enabled(): bool
|
#
|
public
|
delete($key, $crt, $chain = null)
|
#
|
public
|
get_certificate(string $name = 'server.crt'): bool|string
Get raw certificate
|
#
|
public
|
get_private_key($name = 'server.key')
|
#
|
public
|
generate_privatekey(int $bits = 2048): string
Generate new private key
|
#
|
public
|
generate_csr(
string $privkey,
string $host,
string|null $country = '',
string|null $state = '',
string|null $locality = '',
string|null $org = '',
string|null $orgunit = '',
string|null $email = '',
array $san = [],
): bool|string
Generate certificate signing request for a CA
Generate certificate signing request for a CA
Parameters
| $privkey |
private key
|
| $host |
common name for which the SSL certificate is valid
|
| $country |
2-letter country code
|
| $state |
state
|
| $locality |
city/province
|
| $org |
optional organization
|
| $orgunit |
optional organizational unit (company section)
|
| $email |
contact e-mail
|
| $san |
x509 subject alternate names
|
Returns
certificate signing request
|
#
|
public
|
request_info(string $csr): array
Get certificate signing request parameters
Get certificate signing request parameters
Sample response:
array(7) {
["C"]=>
string(2) "US"
["ST"]=>
string(7) "Georgia"
["L"]=>
string(7) "Lilburn"
["O"]=>
string(13) "Apis Networks"
["OU"]=>
string(4) "Test"
["CN"]=>
string(8) "test.com"
["emailAddress"]=>
string(25) "msaladna@apisnetworks.com"
}
Returns
req parameters using shorthand notation
|
#
|
public
|
get_public_key(string $name): array|bool
Get public key from certificate
Get public key from certificate
Array (
[bits] => 4096
[key] => -----BEGIN PUBLIC KEY-----
...
...
[rsa] => Array ( [n] => .., [e] => ..,)
[type] => 0
Parameters
|
#
|
public
|
order_certificates(array $certs): array
Order a mixed arrangement of certificates in ascending order to root
Order a mixed arrangement of certificates in ascending order to root
|
#
|
public
|
get_csr($name)
|
#
|
public
|
sign_certificate(string $csr, string $privkey, int $days = 365, float $serial = null): string
Create a self-signed certificate
Create a self-signed certificate
Parameters
| $csr |
certificate signing request {@link generate_csr}
|
| $privkey |
private key to sign certificate
|
| $days |
number days valid
|
| $serial |
serial number
|
Returns
|
#
|
public
|
verify_x509_key(string $crt, string $privkey): bool
Verify the given private key matches the self-signed certificate
Verify the given private key matches the self-signed certificate
|
#
|
public
|
verify_key($key)
|
#
|
public
|
privkey_info($privkey): array
Get private key details
|
#
|
public
|
get_alternative_names(resource|string $certificate): array
Get hostnames for which a certificate is valid
Get hostnames for which a certificate is valid
|
#
|
public
|
_create()
|
#
|
public
|
contains_cn(string $name): bool
Active certificate contains name
Active certificate contains name
|
#
|
public
|
server_certificate(): string|null
Retrieve server certificate
Retrieve server certificate
|
#
|
public
|
_edit()
|
#
|
public
|
trust_endpoint(string $uri, bool $verify_name = false): bool
Add X509 certificate for endpoint to pki truststore
Add X509 certificate for endpoint to pki truststore
STARTTLS encapsulation is not supported
|
#
|
public
|
_verify_conf(ConfigurationContext $ctx): bool
|
#
|
public
|
_delete()
|
#
|
public
|
_create_user(string $user)
|
#
|
public
|
_delete_user(string $user)
|
#
|
public
|
_edit_user(string $userold, string $usernew, array $oldpwd)
|
#
|