Key/Certificate parameters

Quite a few of the openssl functions require a key or a certificate parameter. PHP 4.0.5 and earlier have to use a key or certificate resource returned by one of the openssl_get_xxx() functions. Later versions may use one of the following methods:

• Certificates

  1. An X.509 resource returned from openssl_x509_read()
  2. A string having the format file://path/to/cert.pem; the named file must contain a PEM encoded certificate
  3. A string containing the content of a certificate, PEM encoded

• Public/Private Keys

  1. A key resource returned from openssl_get_publickey() or openssl_get_privatekey()
  2. For public keys only: an X.509 resource
  3. A string having the format file://path/to/file.pem - the named file must contain a PEM encoded certificate/private key (it may contain both)
  4. A string containing the content of a certificate/key, PEM encoded
  5. For private keys, you may also use the syntax array($key, $passphrase) where $key represents a key specified using the file:// or textual content notation above, and $passphrase represents a string containing the passphrase for that private key