How to generate CSR

Clearance and Reporting
1

I am getting error: {“status”:“error”,“message”:“Failed to generate CSR: error:22075075:X509 V3 routines:v2i_GENERAL_NAME_ex:unsupported option”}, When Iam trying to create a CSR manually by php function given below. Please hekp me out. Thank You.

function generateCSR()
{
// Define your variables
$countryName = “SA”;
$organizationName = “Muhasib”;
$organizationalUnitName = “Riyadh Branch”;
$commonName = “TST-886431145-399999999900003”;
$dirName = “/SN=1-TST|2-TST|3-ed22f1d8-e6a2-1118-9b58-d9a8f11e445f/UID=399999999900003/title=1100/registeredAddress=RRRD2929/businessCategory=Supply activities”;

// Construct the OpenSSL configuration as a string
$opensslConfig = <<<EOD

[ req ]
default_bits = 2048
default_keyfile = privkey.pem
distinguished_name = req_distinguished_name
req_extensions = v3_req
prompt = no

[ req_distinguished_name ]
C = $countryName
O = $organizationName
OU = $organizationalUnitName
CN = $commonName

[ v3_req ]
subjectAltName = @alt_names

[ alt_names ]
DirName=“$dirName”
EOD;

// Save the configuration to a temporary file
$configFilePath = sys_get_temp_dir() . '/openssl.cnf';
file_put_contents($configFilePath, $opensslConfig);


// Check if the file exists
if (!file_exists($configFilePath)) {
    echo "Error: Configuration file does not exist at: $configFilePath";
    exit;
}

// Check if the file is readable
if (!is_readable($configFilePath)) {
    echo "Error: Configuration file is not readable: $configFilePath";
    exit;
}

// Check if the directory is accessible
$dirPath = dirname($configFilePath);
if (!is_dir($dirPath) || !is_writable($dirPath)) {
    echo "Error: Directory is not writable: $dirPath";
    exit;
}




try {
    // Generate the private key
    $privateKey = openssl_pkey_new([
        "private_key_type" => OPENSSL_KEYTYPE_RSA,
        "private_key_bits" => 2048,
    ]);

    if ($privateKey === false) {
        throw new Exception("Failed to generate private key: " . openssl_error_string());
    }

    // CSR details
    $csrDetails = [
        "commonName"            => $commonName,
        "countryName"           => $countryName,
        "organizationName"      => $organizationName,
        "organizationalUnitName"=> $organizationalUnitName,
    ];

    // Generate the CSR
    $csr = openssl_csr_new($csrDetails, $privateKey, [
        "config" => $configFilePath,
    ]);

    if ($csr === false) {
        throw new Exception("Failed to generate CSR: " . openssl_error_string());
    }

    // Export the CSR and private key
    openssl_csr_export($csr, $csrOut);
    openssl_pkey_export($privateKey, $privateKeyOut);

    // Define file paths for saving the CSR and private key
    $resourcesPath = FCPATH . "resources/";
    if (!is_dir($resourcesPath)) {
        mkdir($resourcesPath, 0755, true);
    }
    $csrFilePath = $resourcesPath . "csr.pem";
    $privateKeyFilePath = $resourcesPath . "private_key.pem";

    file_put_contents($csrFilePath, $csrOut);
    file_put_contents($privateKeyFilePath, $privateKeyOut);

    // Cleanup the temporary config file
    unlink($configFilePath);

    // Return success response
    echo json_encode([
        "status" => "success",
        "csr_file" => $csrFilePath,
        "private_key_file" => $privateKeyFilePath,
    ]);

} catch (Exception $e) {
    // Handle exceptions and return error
    echo json_encode([
        "status" => "error",
        "message" => $e->getMessage(),
    ]);
}

}

2

this should give you an idea