Quite a few of the openssl functions require a key or a certificate
parameter. Following methods may be used to get them:
Certificates
An OpenSSLCertificate instance
(or prior to PHP 8.0.0, a resource of type OpenSSL X.509)
returned from openssl_x509_read
A string having the format
file://path/to/cert.pem; the named file must
contain a PEM encoded certificate
A string containing the content of a certificate, PEM
encoded, may start with -----BEGIN CERTIFICATE-----
Certificate Signing Requests (CSRs)
An OpenSSLCertificateSigningRequest instance
(or prior to PHP 8.0.0, a resource of type OpenSSL X.509 CSR)
returned from openssl_csr_new
A string having the format
file://path/to/csr.pem; the named file must
contain a PEM encoded CSR
A string containing the content of a CSR, PEM encoded,
may start with -----BEGIN CERTIFICATE REQUEST-----
Public/Private Keys
An OpenSSLAsymmetricKey instance
(or prior to PHP 8.0.0, a resource of type OpenSSL key)
returned from openssl_get_publickey or
openssl_get_privatekey
For public keys only: an OpenSSLCertificate instance
(or prior to PHP 8.0.0, a resource of type OpenSSL X.509)
A string having the format
file://path/to/file.pem - the named file must
contain a PEM encoded certificate/private key (it may contain both)
A string containing the content of a certificate/key,
PEM encoded, may start with
-----BEGIN PUBLIC KEY-----
For private keys, you may also use the syntax
array($key, $passphrase) where $key represents a
key specified using the file:// or textual content notation above, and
$passphrase represents a string containing the passphrase for that
private key