PHPackages                             protonlabs/x509-sign - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Utility &amp; Helpers](/categories/utility)
4. /
5. protonlabs/x509-sign

ActiveLibrary[Utility &amp; Helpers](/categories/utility)

protonlabs/x509-sign
====================

Sign ASN1 strings

1.0.0(4y ago)236.6k↓25.9%2PHPPHP &gt;=7.4

Since Feb 2Pushed 4y ago3 watchersCompare

[ Source](https://github.com/ProtonMail/x509-sign)[ Packagist](https://packagist.org/packages/protonlabs/x509-sign)[ RSS](/packages/protonlabs-x509-sign/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (1)Dependencies (2)Versions (7)Used By (0)

X509 Sign
=========

[](#x509-sign)

A simple endpoint to sign X509 certificates.

Usage
=====

[](#usage)

### Via HTTP:

[](#via-http)

Expose `index.php` on a webserver.

Get the signature server public key:

```
POST /

```

```
{
  "publicKey": {}
}
```

Or specify a format:

```
POST /

```

```
{
  "publicKey": {"format": "PSS"}
}
```

Request a signature:

```
POST /

```

```
{
  "signedCertificate": {
    "certificate": "-----BEGIN...",
    "clientPublicKey": "-----BEGIN..."
  }
}
```

You can group requests and get both results aggregated:

```
POST /

```

```
{
  "publicKey": {},
  "signedCertificate": {
    "certificate": "-----BEGIN...",
    "clientPublicKey": "-----BEGIN..."
  }
}
```

Would result the following JSON output:

```
{
  "publicKey": {
    "success": true,
    "result": "-----BEGIN..."
  },
  "signedCertificate": {
    "success": true,
    "result": "-----BEGIN..."
  }
}
```

With the server signature public key string and the signed certificate.

### As a service

[](#as-a-service)

Use `Issuer::issue()` to sign certificates from a PHP application.

```
use Proton\X509Sign\Issuer;
use phpseclib3\Crypt\RSA\PrivateKey;
use phpseclib3\Crypt\RSA\PublicKey;

$issuer = new Issuer();
$issuer->issue(
    PrivateKey::load('-----BEGIN...'),
    PublicKey::load('-----BEGIN...'),
    ['commonName' => 'foo'],
    ['commonName' => 'bar'],
    '9256',
);
```

Config
------

[](#config)

Define environment variables to configure your server:

- `SIGNATURE_PRIVATE_KEY` PKCS1 string of the private signature key.
- `SIGNATURE_PRIVATE_KEY_PASSPHRASE` Passphrase/password of the private key.
- `EXTENSIONS` JSON representation of X509 extensions to support.

###  Health Score

34

—

LowBetter than 77% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity32

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity57

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 98.4% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1784d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/df90c422f521bf26355c3e185a59fe7afb35531af56244dfaec03ee1d0ca6f24?d=identicon)[kylekatarn](/maintainers/kylekatarn)

![](https://www.gravatar.com/avatar/837170204c2dc6beffb28cfca8ff9036709ac38d5f5f16ab2b8b8a7cb025c089?d=identicon)[BafS](/maintainers/BafS)

![](https://www.gravatar.com/avatar/07337314fa7f579e749eb6f2565747bf75075974867e44153b8382999fc83a42?d=identicon)[bartbutler](/maintainers/bartbutler)

---

Top Contributors

[![kylekatarnls](https://avatars.githubusercontent.com/u/5966783?v=4)](https://github.com/kylekatarnls "kylekatarnls (62 commits)")[![BafS](https://avatars.githubusercontent.com/u/588205?v=4)](https://github.com/BafS "BafS (1 commits)")

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/protonlabs-x509-sign/health.svg)

```
[![Health](https://phpackages.com/badges/protonlabs-x509-sign/health.svg)](https://phpackages.com/packages/protonlabs-x509-sign)
```

###  Alternatives

[jenssegers/optimus

Id obfuscation based on Knuth's integer hash method

1.3k4.8M27](/packages/jenssegers-optimus)[phpseclib/mcrypt_compat

PHP 5.x-8.x polyfill for mcrypt extension

28129.7M34](/packages/phpseclib-mcrypt-compat)[civicrm/civicrm-core

Open source constituent relationship management for non-profits, NGOs and advocacy organizations.

728272.9k20](/packages/civicrm-civicrm-core)[phpseclib/bcmath_compat

PHP 5.x-8.x polyfill for bcmath extension

16720.7M17](/packages/phpseclib-bcmath-compat)[codercat/jwk-to-pem

Convert JWK to PEM format.

1004.5M20](/packages/codercat-jwk-to-pem)[salla/zatca

A helper to generate the QR code and signed it for ZATCA e-invoicing

159416.7k2](/packages/salla-zatca)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)