This function will return FALSE if the private key requires a pass phrase.
(PHP 4 >= 4.2.0, PHP 5, PHP 7)
openssl_x509_check_private_key — Checks if a private key corresponds to a certificate
Checks whether the given key
is the private key
that corresponds to cert
.
The function does not check if key
is indeed a private key or not.
It merely compares the public materials (e.g. exponent and modulus of an RSA key)
and/or key parameters (e.g. EC params of an EC key) of a key pair.
This means, for example, that a public key could be given for key
and the function may return TRUE
.
cert
The certificate.
key
The private key.
Returns TRUE
if key
is the private key that
corresponds to cert
, or FALSE
otherwise.
This function will return FALSE if the private key requires a pass phrase.
This function DOES return TRUE if the key has a passphrase, you just need to set up the data in such a way that the function can understand it. It is not documented here.
This error message led me to the solution:
PHP Warning: openssl_x509_check_private_key(): key array must be of the form array(0 => key, 1 => phrase)
So this works:
$certFile = file_get_contents('cert.crt');
$keyFile = file_get_contents('cert.key');
$keyPassphrase = "password1234";
$keyCheckData = array(0=>$keyFile,1=>$keyPassphrase);
$result = openssl_x509_check_private_key($certFile,$keyCheckData);