openssl_pkcs7_sign() takes the
contents of the file named
infilename and signs them using the certificate and
it's matching private key specified by
signcert and
privkey parameters.
headers is an array of
headers that will be prepended to the data after it has been
signed (see openssl_pkcs7_encrypt() for more
information about the format of this parameter.
flags can be used to
alter the output - see PKCS7 constants -
if not specified, it defaults to PKCS7_DETACHED.
extracerts specifies
the name of a file containing a bunch of extra certificates
to include in the signature which can for example be used to
help the recipient to verify the certificate that you
used.
注: This function was added in 4.0.6.