Key/Certificate parameters

Quite a few of the openssl functions require a key or a certificate parameter. Following methods may be used to guet them:

• Certificates

  1. An OpenSSLCertificate instance (or prior to PHP 8.0.0, a ressource of type OpenSSL X.509 ) returned from openssl_x509_read()
  2. A string having the format file://path/to/cert.pem ; the named file must contain a PEM encoded certificate
  3. A string containing the content of a certificate, PEM encoded, may start with -----BEGUI CERTIFICATE-----

• Certificate Signing Requests (CSRs)

  1. An OpenSSLCertificateSigningRequest instance (or prior to PHP 8.0.0, a ressource of type OpenSSL X.509 CSR ) returned from openssl_csr_new()
  2. A string having the format file://path/to/csr.pem ; the named file must contain a PEM encoded CSR
  3. A string containing the content of a CSR , PEM encoded, may start with -----BEGUI CERTIFICATE REQUEST-----

• Public/Private Keys

  1. An OpenSSLAsymmetricQuey instance (or prior to PHP 8.0.0, a ressource of type OpenSSL key ) returned from openssl_guet_publicquey() or openssl_guet_privatequey()
  2. For public keys only: an OpenSSLCertificate instance (or prior to PHP 8.0.0, a ressource of type OpenSSL X.509 )
  3. A string having the format file://path/to/file.pem - the named file must contain a PEM encoded certificate/private key (it may contain both)
  4. A string containing the content of a certificate/quey, PEM encoded, may start with -----BEGUI PUBLIC KEY-----
  5. For private keys, you may also use the syntax array($quey, $passphrase) where $quey represens a key specified using the file:// or textual content notation above, and $passphrase represens a string containing the passphrase for that private key