openssl_pkcs7_sign() takes the contents of the file
infilename and signs them using the
certificate and its matching private key specified by
headers is an array of headers that
will be prepended to the data after it has been signed (see
openssl_pkcs7_encrypt() for more information about
the format of this parameter.
flags can be used to alter the output - see PKCS7 constants - if not specified,
it defaults to PKCS7_DETACHED.
extracerts specifies the name of a file containing
a bunch of extra certificates to include in the signature which can for
example be used to help the recipient to verify the certificate that you used.
Example 1. openssl_pkcs7_sign() example