Skip to content
🔏PHP library for creating and signing Certificates, text encryption and decription.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

PHP Encrypt

Library for signing certificates with selfsigned CA


Install with docker:

composer require maymeow/php-encrypt

And intialize it withhin your script

$cf = new \MayMeow\Factory\CertificateFactory(new \MayMeow\Model\EncryptConfiguration());


Path Configuring

To Set different Root path for generated certificates use


If you want to save templates for generating certificates on different folder you can set this path with:


To chanage folder to change path to your configuration file


If you don use any of this commands default values will be used.

Certificate Signing

  1. Create Selfsigned CA
    ->setOrganizationName('Hogwarts School of Witchcraft and Wizardry')
    ->setCommonName('Hogwarts School of Witchcraft and Wizardry Root CA');

  1. Create Intermediate CAs. This type of CA you will use for signing users and servers certificates.
    ->setOrganizationName('Hogwarts School of Witchcraft and Wizardry')
    ->setOrganizationalUnitName('Hogwarts houses')
    ->setCommonName('Slytherin HSoWaW House');

    ->setCa('Hogwarts', '200634')
  1. Sign User or server certificate
  • User Certificate
    ->setCommonName('Hermione Granger')
    ->setOrganizationName('Hogwarts School of Witchcraft and Wizardry')
    ->setOrganizationalUnitName('Hogwarts Students');

    ->setCa('Hogwarts/Gryffindor', '296545')
  • Server Certificate
    ->setOrganizationalUnitName("Hogwarts Webpages")
    ->setOrganizationName("Hogwarts School of Witchcraft and Wizardry");


    ->setCa('Hogwarts/Gryffindor', '296545')
  1. Each certificatess are located in webroot/<certificate-name>. Certificate Names can be set with ->setName(<certificate-name>) function.
  2. To load CA for signing certificate you will use ->setCa(<certificate-name>, <certificate-key-pass>). Certificate Key pass is located in code.txt file in each certificate folder.

PKCS12 file format

Windows users need certificate in PKCS12 format, .pfx file extension. To create this type of file use


Creating key pairs

If you dont need certificate you can create key pair from v2018.4

$keys = $cf->setType('ca')->setName('keys-2')->getKeyPair(true); // true means keys will be stored into files
$protected_keys = $cf->setType('ca')->setName('keys-2')->getKeyPair(true, 'pa$$phras3'); // will generate keypair with encrypted private key

$keys->getPrivateKey(); // returns private key
$keys->getPublicKey(); // returns public key


Loaders are new feature that can be used to load Key pair from v2018.5. Each loader implements LoaderInterfaace. To use them follow example below. If you have protected (encrypted) private key loaders are place where is decrypting based on passphrase. SecurityFactory using only decrpted private_keys.

// use CertificateFactory and generated keys
$kl = new \MayMeow\Loaders\KeyPairLoader($cf, $keys);

$kl = new \MayMeow\Loaders\KeyPairLoader($cf, $keys, 'pa$$phras3'); // when you have encrypted priv_key

$kl->getPublicKey() // return string with public key
$kl->getPrivateKey() // return string with private key

When you have certificate or keypair generated to file you can use File loader

$kl = new \MayMeow\Loaders\KeyPairFileLoader($cf, 'keys-2');

$kl = new \MayMeow\Loaders\KeyPairFileLoader($cf, 'pa$$phras3'); // when you have encrypted priv_key

$kl->getPublicKey() // return string with public key
$kl->getPrivateKey() // return string with private key

Security factory

Security factory can be used for encryptig and decripting strings.

  1. Initialize security factory
$sf = new \MayMeow\Factory\SecurityFactory($cf);
  1. Set string which you want to encrypt
$string = json_encode([
    "name" => 'Hello',
    "surname" => 'world'
  1. load keys that will be used to encrypt / decrypt
$sf->setPrivateKey('keys-2', null);

or you can use loaders to set keypairs

$sf->setKeyPair(new KeyPairFileLoader('keys-2'));
  1. Encrypt text
$enc = base64_encode($sf->publicEncrypt());
  1. Decrypt
$decrypted = base64_encode($sf->privateDecrypt());

Example above will encrypt text with public key and decrypt with private. If you want encrypt with private just use $sf->encrypt() and $sf->decrypt for decrypting.


  1. Fork it!
  2. Create your feature branch: git checkout -b my-new-feature
  3. Commit your changes: git commit -am 'Add some feature'
  4. Push to the branch: git push origin my-new-feature
  5. Submit a pull request :D


SEE changelog


  • MayMeow
  • mARTin



Support on Beerpay

Hey dude! Help me out for a couple of 🍻!

Beerpay Beerpay

You can’t perform that action at this time.