I need to create a detached PKCS7 signature for use with Apple Wallet passes.
private function createSignature()
{
$cert = '/etc/ssl/local.crt';
$key = '/etc/ssl/local.key';
$wwdr = '/var/www/app/storage/passes/AppleWWDRCA.cer';
$headers = [
'signing-time' => (new DateTime())->format('o-m-d H:i:s'),
];
return openssl_pkcs7_sign("$this->dir/manifest.json", "$this->dir/signature",
$cert, $key, $headers, PKCS7_DETACHED, $wwdr);
}
openssl_pkcs7_sign(): no certificates in file, /var/www/app/storage/passes/AppleWWDRCA.cer
AppleWWDRCA.cer was downloaded from https://www.apple.com/certificateauthority/. The exact certificate I downloaded was WWDR Certificate (Expiring 02/07/23). I have viewed the file and confirmed it isn't blank. Am I missing a step?
The issue was solved by adding the AppleWWDR.cer to my keychain and exporting it from the keychain as a .pem file.