<?php include('File/X509.php'); include('Crypt/RSA.php'); // create priv

1. <?php
2. include('File/X509.php');
3. include('Crypt/RSA.php');
4.  
5. // create private key / x.509 cert for stunnel / website
6. $privKey = new Crypt_RSA();
7. extract($privKey->createKey());
8. $privKey->loadKey($privatekey);
9.  
10. $pubKey = new Crypt_RSA();
11. $pubKey->loadKey($publickey);
12. $pubKey->setPublicKey();
13.  
14. $subject = new File_X509();
15. $subject->setDNProp('id-at-organizationName', 'phpseclib demo cert');
16. $subject->setPublicKey($pubKey);
17. $subject->setDomain('www.whatever.com', 'www.google.com');
18.  
19. $issuer = new File_X509();
20. $issuer->setPrivateKey($privKey);
21. $issuer->setDN($subject->getDN());
22.  
23. $x509 = new File_X509();
24. //$x509->setStartDate('-1 month'); // default: now
25. //$x509->setEndDate('+1 year'); // default: +1 year
26.  
27. $result = $x509->sign($issuer, $subject);
28. $subject = new File_X509();
29. $subject->loadX509($result);
30.  
31. $subject->currentCert['tbsCertificate']['extensions'][] = array(
32.    'extnId' => 'id-ce-subjectAltName',
33.    'critical' => false,
34.    'extnValue' => array(
35.       array('dNSName' => 'www.slashdot.org'),
36.       array('dNSName' => 'www.yahoo.com')
37.    )
38. );
39.  
40. $result = $x509->sign($issuer, $subject);
41.  
42. echo "the stunnel.pem contents are as follows:\r\n\r\n";
43. echo $privKey->getPrivateKey();
44. echo "\r\n";
45. echo $x509->saveX509($result);