Gatekeeper in macOS ensures only verified applications can be executed and this is achieved by signing the application using codesign. Code signing has been optional on macOS Big Sur and prior but mandatory since macOS Monterey.

PHP module installed using homebrew is not signed, so you need to sign it first before it can be used, or you will get the following error;

$ sudo apachectl -k restart
Password:
[Mon Aug 02 19:43:49.950888 2021] [so:error] [pid 62201] AH06665: No code signing authority for module at /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so specified in LoadModule directive.
httpd: Syntax error on line 555 of /private/etc/apache2/httpd.conf: Syntax error on line 5 of /private/etc/apache2/other/00-httpd.conf: Code signing absent - not loading module at: /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so

You need to create a Certificate Authority for code signing and a code signing certificate before you can sign the PHP module using codesign utility.

Steps to sign homebrew php module using codesign:

  1. Create Certificate Authority for code signing using Keychain Access.
  2. Create code signing certificate using Keychain Access.
  3. Launch terminal app.
  4. Install Xcode Command Line Tools if not already installed.
    $ xcode-select --install
  5. Locate location or path of PHP module from Apache's PHP LoadModule directive.
    $ grep -nir "^loadmodule.*php" /etc/apache2
    /etc/apache2/other/00-httpd.conf:4:LoadModule php7_module /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so

  6. Sign PHP module using codesign.
    $ codesign --sign "Mohd Shakir" --force --keychain ~/Library/Keychains/login.keychain-db /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so
  7. Open Apache configuration file with PHP LoadModule directive using your preferred text editor.
    $ sudo vi /etc/apache2/other/00-httpd.conf
  8. Add certificate name after module path in PHP LoadModule directive.
    LoadModule php7_module /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so "Mohd Shakir"
  9. Restart Apache for changes to take effect.
    $ sudo apachectl -k restart
    [Fri Jul 30 07:25:56.693224 2021] [so:notice] [pid 22961] AH06662: Allowing module loading process to continue for module at /opt/homebrew/opt/php@7.4/lib/httpd/modules/libphp7.so because module signature matches authority "Mohd Shakir" specified in LoadModule directive
Discuss the article:

Comment anonymously. Login not required.

Share!