Key/Certificate parameters

Quite a few of the openssl functions require a key or a certificate parameter. Following methods may be used to get them:

  • Certificates

    1. An OpenSSLCertificate instance (or prior to PHP 8.0.0, a resource of type OpenSSL X.509) returned from openssl_x509_read()
    2. A string having the format file://path/to/cert.pem; the named file must contain a PEM encoded certificate
    3. A string containing the content of a certificate, PEM encoded, may start with -----BEGIN CERTIFICATE-----
  • Certificate Signing Requests (CSRs)

    1. An OpenSSLCertificateSigningRequest instance (or prior to PHP 8.0.0, a resource of type OpenSSL X.509 CSR) returned from openssl_csr_new()
    2. A string having the format file://path/to/csr.pem; the named file must contain a PEM encoded CSR
    3. A string containing the content of a CSR, PEM encoded, may start with -----BEGIN CERTIFICATE REQUEST-----
  • Public/Private Keys

    1. An OpenSSLAsymmetricKey instance (or prior to PHP 8.0.0, a resource of type OpenSSL key) returned from openssl_get_publickey() or openssl_get_privatekey()
    2. For public keys only: an OpenSSLCertificate instance (or prior to PHP 8.0.0, a resource of type OpenSSL X.509)
    3. A string having the format file://path/to/file.pem - the named file must contain a PEM encoded certificate/private key (it may contain both)
    4. A string containing the content of a certificate/key, PEM encoded, may start with -----BEGIN PUBLIC KEY-----
    5. For private keys, you may also use the syntax array($key, $passphrase) where $key represents a key specified using the file:// or textual content notation above, and $passphrase represents a string containing the passphrase for that private key
add a note

User Contributed Notes

There are no user contributed notes for this page.
To Top