Sign a certificate signing request

Steps to sign a certificate signing request with a previous created certification authority.

Load the private key of your certificate authority

$caPrivateKey = PrivateKey::loadFromFileName('ca_privatekey.pem');

Load the certificate of your certificate authority

$caCertificate = Certificate::createFromFileName('ca_certificate.pem');

Create the signer

$signer = new CertificateSigningRequestSigner();
$signer->setPrivateKey($caPrivateKey);
$signer->setCertificate($caCertificate);
$signer->setLifetime(365);
// the section "usr_cert" set CA:false
$signer->setExtensions('usr_cert');

Load the certificate signing request

$content = file_get_contents('MyFirstCertificate.csr');
$csr = new CertificateSigningRequest($content);
$certificate = $signer->sign($csr);

Export the new certificate

$certificate->exportToFile('MyFirstCertificate.pem');

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Sign a certificate signing request

Load the private key of your certificate authority

Load the certificate of your certificate authority

Create the signer

Load the certificate signing request

Export the new certificate

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Clone this wiki locally