二进制打包成功,运行时报公钥问题

yulinzhihou

问题描述

这里详细描述问题
MAC 上打包成功。使用了phar:openssl

config/plugin/webman/console/app.php
如下:

<?php
return [
    'enable'        => true,

    'build_dir'     => BASE_PATH . DIRECTORY_SEPARATOR . 'build',

    'phar_filename'  => getenv('BUILD_PHAR'),
    // 打包二进制名称
    'bin_filename'   => getenv('BUILD_BIN'),
    //set the signature algorithm for a phar and apply it. The signature algorithm must be one of Phar::MD5, Phar::SHA1, Phar::SHA256, Phar::SHA512, or Phar::OPENSSL.
    'signature_algorithm' => Phar::OPENSSL,
    // 如果启用了openssl打包,需要提供私钥地址
    'private_key_file'      => base_path().DIRECTORY_SEPARATOR.getenv('CERT_PATH').DIRECTORY_SEPARATOR.getenv('APP_NAME').'.key', // The file path for certificate or OpenSSL private key file.
    // 忽略打包格式
    'exclude_pattern'      => '#^(?!.*(composer.json|/.github/|/.idea/|/.git/|/.setting/|/runtime/|/vendor-bin/|/build/|/vendor/webman/admin/))(.*)$#',
    // 忽略打包文件
    'exclude_files'         => [
        '.env', 'LICENSE', 'composer.json', 'composer.lock', 'start.php',  getenv('BUILD_PHAR'), getenv('BUILD_BIN'),
    ],

    'custom_ini' => '
memory_limit = 256M,
upload_max_filesize = 20M
user_agent='.getenv('APP_NAME').'
upload_max_filesize=50M
post_max_size=50M
    ',
];

程序代码

yulinzhihou@yulinzhihou-MBP tlsf_server_file % php webman build:bin
Phar packing...
Files collect complete, begin add file to Phar.
Write requests to the Phar archive, save changes to disk.

Use PHP8.2 ...

Saved tlsf_server_file to /Users/yulinzhihou/websites/www/high_currency/tlsf_server_file/build/tlsf_server_file
Build Success!

yulinzhihou@yulinzhihou-MBP tlsf_server_file % 

报错信息

[root@orico-cs8 ~]# cat /etc/centos-release
CentOS Stream release 8
[root@orico-cs8 ~]# cat /etc/os-release
NAME="CentOS Stream"
VERSION="8"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="8"
PLATFORM_ID="platform:el8"
PRETTY_NAME="CentOS Stream 8"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:8"
HOME_URL="https://centos.org/"
BUG_REPORT_URL="https://bugzilla.redhat.com/"
REDHAT_SUPPORT_PRODUCT="Red Hat Enterprise Linux 8"
REDHAT_SUPPORT_PRODUCT_VERSION="CentOS Stream"

Centos Stream 8 上运行后

[root@orico-cs8 ~]# ll
total 61260
-rw-------. 1 root root     1696 Sep 15 17:06 anaconda-ks.cfg
-rwxr-xr-x. 1 root root 62719188 Sep 21 14:55 tlsf_server_file
-rw-r--r--. 1 root root      812 Sep 21 14:56 tlsf_server_file.pem
[root@orico-cs8 ~]# chmod 777 tlsf_server_file
[root@orico-cs8 ~]# ./tlsf_server_file start

Fatal error: Uncaught PharException: phar "/root/tlsf_server_file" openssl signature could not be verified: openssl public key could not be read in /root/tlsf_server_file:4
Stack trace:
#0 /root/tlsf_server_file(4): Phar::mapPhar('webman')
#1 {main}
  thrown in /root/tlsf_server_file on line 4
[root@orico-cs8 ~]# 
207 3 1
3个回答

yulinzhihou

截图
证书文件是使用"paragonie/easyrsa": "^0.6.0" 生成的。

  • 暂无评论
北月

需要把公钥文件命名为 your-phar-filename.pubkey,然后放在 phar 文件的同级目录。

也就是说你得把 tlsf_server_file.pem 重命名为 tlsf_server_file.pubkey

yulinzhihou

截图

  • 暂无评论
🔝