cannot get CSR from parameter 1

  • tavdijkhuizen

    (@tavdijkhuizen)


    10 years, 10 months ago

    I can’t seem to get the certificates in place.
    the 1.cer and 1.key file in the wp-content/uploads… folder are empty

    In the error.log i get:

    [Thu Jun 20 09:33:42 2013] [error] PHP Warning:  openssl_csr_sign() [<a href='function.openssl-csr-sign'>function.openssl-csr-sign</a>]: cannot get CSR from parameter 1 in /htdocs/dd18.nl/www/wp-content/plugins/saml-20-single-sign-on/lib/controllers/sso_sp.php on line 21
[Thu Jun 20 09:33:42 2013] [error] PHP Warning:  openssl_pkey_export() [<a href='function.openssl-pkey-export'>function.openssl-pkey-export</a>]: cannot get key from parameter 1 in /htdocs/dd18.nl/www/wp-content/plugins/saml-20-single-sign-on/lib/controllers/sso_sp.php on line 26
[Thu Jun 20 09:33:42 2013] [error] PHP Warning:  openssl_x509_export() [<a href='function.openssl-x509-export'>function.openssl-x509-export</a>]: cannot get cert from parameter 1 in /htdocs/dd18.nl/www/wp-content/plugins/saml-20-single-sign-on/lib/controllers/sso_sp.php on line 27

    http://wordpress.org/extend/plugins/saml-20-single-sign-on/

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author ktbartholomew

    (@ktbartholomew)

    10 years, 10 months ago

    This is most likely an error in PHP’s ability to find your openssl.cnf file, which is required to use the openssl_csr_sign function. According to the PHP documentation (slightly edited for a *nix environment):

    PHP will search for the openssl.cnf using the following logic:

    • the OPENSSL_CONF environmental variable, if set, will be used as the path (including filename) of the configuration file.
    • the SSLEAY_CONF environmental variable, if set, will be used as the path (including filename) of the configuration file.
    • The file openssl.cnf will be assumed to be found in the default certificate area, as configured at the time that the openssl DLL was compiled. This is usually means that the default filename is /usr/local/ssl/openssl.cnf.

    So I would make sure you have an openssl.cnf file in a location that PHP expects to find it. Unfortunately, you’d have to run strace on your PHP process to definitively know know where it’s looking.

    The alternative to that entire mess would be to generate the certificate and upload it yourself. This is a pretty straightforward tutorial for doing that: http://www.akadia.com/services/ssh_test_certificate.html. You can use the form in the admin portal or copy them to the uploads folder directly.

    capercrank

    (@capercrank)

    10 years, 10 months ago

    You could eliminate the whole OpenSSL requirement by using phpseclib to generate CSR’s. eg.

    http://phpseclib.sourceforge.net/x509/examples.html#csr

    Plugin Author ktbartholomew

    (@ktbartholomew)

    10 years, 10 months ago

    I had actually never seen that library before I started researching for this topic. It looks like a good library, and would definitely make the plugin more portable. I’ll probably include it in a future update.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘cannot get CSR from parameter 1’ is closed to new replies.