[array|null$options = null],
[int$serial = 0]
openssl_csr_sign generates an x509 certificate from the given CSR.
You need to have a valid openssl.cnf installed for this function to operate correctly. See the notes under the installation section for more information.
A CSR previously generated by openssl_csr_new. It can also be the path to a PEM encoded CSR when specified as file://path/to/csr or an exported string generated by openssl_csr_export.
The generated certificate will be signed by ca_certificate. If ca_certificate is null, the generated certificate will be a self-signed certificate.
private_key is the private key that corresponds to ca_certificate.
days specifies the length of time for which the generated certificate will be valid, in days.
You can finetune the CSR signing by options. See openssl_csr_new for more information about options.
An optional the serial number of issued certificate. If not specified it will default to 0.
Returns an OpenSSLCertificate on success, false on failure.
|8.0.0||On success, this function returns an OpenSSLCertificate instance now; previously, a resource of type OpenSSL X.509 was returned.|
|8.0.0||csr accepts an OpenSSLCertificateSigningRequest instance now; previously, a resource of type OpenSSL X.509 CSR was accepted.|
|8.0.0||ca_certificate accepts an OpenSSLCertificate instance now; previously, a resource of type OpenSSL X.509 was accepted.|
|8.0.0||private_key accepts an OpenSSLAsymmetricKey or OpenSSLCertificate instance now; previously, a resource of type OpenSSL key or OpenSSL X.509 was accepted.|