Giter VIP home page Giter VIP logo

easyrsa-php's Introduction

Latest Stable Version Total Downloads Build Status Code Coverage Code Climate Scrutinizer Code Quality License

EasyRSA wrapper for PHP

An easy way to use the official EasyRSA collection of shell scripts in your application.

composer require evilfreelancer/easyrsa-php

By the way, EasyRSA library support Laravel and Lumen frameworks, details here.

How to use

More examples you can find here.

Download the latest release of EasyRSA

Before you start use this script need to download the easy-rsa package.

require_once __DIR__ . '/../vendor/autoload.php';

use EasyRSA\Downloader;

$dnl = new Downloader([
    'archive' => './easy-rsa.tar.gz',
    'scripts' => './easy-rsa',
]);

$dnl->getEasyRSA();

Result of this script will be in easy-rsa folder.

Generate certificates

require_once __DIR__ . '/../vendor/autoload.php';

use Dotenv\Dotenv;
use EasyRSA\Commands;

// Load dotenv?
if (file_exists(__DIR__ . '/../vars.example')) {
    Dotenv::createImmutable(__DIR__ . '/../', 'vars.example')->load();
}

$cmd = new Commands([
    'scripts' => './easy-rsa',
    'certs'   => './easy-rsa-certs',
]);

$cmd->initPKI();
$cmd->buildCA(true);
$cmd->genDH();
$cmd->buildServerFull('server', true);
$cmd->buildClientFull('client1', true);
$cmd->buildClientFull('client2', true);

Result of this script will be in easy-rsa-certs folder.

List of all available commands

Method Description
getContent(string $filename) Show content of any certificate available in "certs" folder
initPKI() Instantiate Public Key Infrastructure (PKI)
buildCA(bool $nopass = false) Build Certificate Authority (CA)
genDH() Generate Diffie-Hellman certificate (DH)
genReq() Generate request for certificate
signReqClient(string $filename) Sign request for client certificate
signReqServer(string $filename) Sign request for server certificate
buildClientFull(string $name, bool $nopass = false) Build public and private key of client
buildServerFull(string $name, bool $nopass = false) Build public and private key of server
revoke(string $filename) Revoke certificate
genCRL() Generate Certificate Revocation List (CRL)
updateDB() Update certificates database
showCert(string $filename) Display information about certificate
showReq(string $filename) Display information about request
importReq(string $filename) Import request
exportP7(string $filename) Export file in format of Public-Key Cryptography Standards (PKCS) v7 (P7)
exportP12(string $filename) Export file in format of Public-Key Cryptography Standards (PKCS) v12 (P12)
setRSAPass(string $filename) Set password in Rivest–Shamir–Adleman (RSA) format
setECPass(string $filename) Set password in Elliptic Curve (EC) format

You also can read content of generated certificate via getConfig($filename) method:

<?php
require_once __DIR__ . '/../vendor/autoload.php';

use \EasyRSA\Commands;

$cmd = new Commands([
    'scripts' => './easy-rsa',
    'certs'   => './easy-rsa-certs',
]);

$file = $cmd->getContent('ca.crt');
echo "$file\n";

$file = $cmd->getContent('server.crt');
echo "$file\n";

$file = $cmd->getContent('server.key');
echo "$file\n";

Environment variables

You can set these variables via environment on host system or with help of vlucas/phpdotenv library or via any other way which you like.

EASYRSA_DN="cn_only"
#EASYRSA_DN="org"
EASYRSA_REQ_COUNTRY="DE"
EASYRSA_REQ_PROVINCE="California"
EASYRSA_REQ_CITY="San Francisco"
EASYRSA_REQ_ORG="Copyleft Certificate Co"
EASYRSA_REQ_EMAIL="[email protected]"
EASYRSA_REQ_OU="My Organizational Unit"
EASYRSA_REQ_CN="ChangeMe"
EASYRSA_KEY_SIZE=2048
EASYRSA_ALGO=rsa
EASYRSA_CA_EXPIRE=3650
EASYRSA_CERT_EXPIRE=3650
EASYRSA_DIGEST="sha256"

Example of environment variables configuration which should be used on certificate build stage can be fond here.

Frameworks support

Laravel

The package's service provider will automatically register its service provider.

Publish the easy-rsa.php configuration file:

php artisan vendor:publish --provider="EasyRSA\Laravel\ServiceProvider"

Alternative configuration method via .env file

After you publish the configuration file as suggested above, you may configure library by adding the following to your application's .env file (with appropriate values):

EASYRSA_WORKER=default
EASYRSA_ARCHIVE=./easy-rsa.tar.gz
EASYRSA_SCRIPTS=./easy-rsa
EASYRSA_CERTS=./easy-rsa-certs

Lumen

If you work with Lumen, please register the service provider and configuration in bootstrap/app.php:

$app->register(EasyRSA\Laravel\ServiceProvider::class);
$app->configure('easy-rsa');

Manually copy the configuration file to your application.

Testing

This library can tested in multiple different ways

composer test:lint
composer test:types
composer test:unit

or just in one command

composer test

Links

easyrsa-php's People

Contributors

asafov avatar evilfreelancer avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar

Forkers

sdekkers brasil-iot

easyrsa-php's Issues

Cannot get vars to work.

When I generate a cert it shows Issuer: CN=ChangeMe even though I've got my vars set correctly before I build the CA.

Also, I don't suppose password protected CAs will work with this right?

Config fail to open - Laravel

After You change location of config files i get
"vendor/evilfreelancer/easyrsa-php/src/config/easy-rsa.php): failed to open stream: No such file or directory"

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.