PHPKonf: Istanbul PHP Conference 2017


(PHP 4 >= 4.2.0, PHP 5, PHP 7)

openssl_pkey_get_privateObtener una clave privada


resource openssl_pkey_get_private ( mixed $key [, string $passphrase = "" ] )

openssl_get_privatekey() analiza la clave key y la prepara para usarla con otras funciones.



key puede ser una de las siguientes:

  1. una cadena con el formato file://ruta/al/archivo.pem. El archivo nombrado debe contener un certificado/clave privada PEM codificada (puede contener ambos).
  2. una clave privada con formato PEM.


El parámetro opcional passphrase se debe usar si la clave especificada está encriptada (protegida por una frase de contraseña).

Valores devueltos

Devuelve un identificador de clave positivo si se tuvo éxito, o FALSE si se produjo un error.

add a note add a note

User Contributed Notes 3 notes

kristof1 at mailbox dot hu
2 years ago
It's actually "file://key.pem" when you want to give a relative path using unix systems. It will be three '/' in case of absolute path (e.g "file:///home/username/..."). But this path consists of two '/' originated from "file://" and one '/' from the fact that home is a subfolder of the unix filesystem's root directory ("/home/username/..."). This two part will be concatenated and you will get three '/' characters following each other.

So you only have to concatenate "file://" with an existing path string in every case.
geoff at hostfission dot com
2 months ago
Since this function can be used to load a PEM encoded string also, those that are using it relying on user input should be sure to check that the passed data is indeed a PEM encoded string and not a malicious file path.

The following should be sufficient.

= trim($_POST['private']);
  if (
strpos($private, '-----') !== 0) return false;
5 years ago
Please note that "file://path/to/file.pem" in documentation means file protocol + file path. In UNIX like OS, that is something like file:///rsa_private_key.pem. There is THREE slashes in the path string, not TWO.
To Top