- $this->key = openssl_pkey_get_private("file://$file", $password);
- if (!is_resource($this->key)) {
+ /* there appears to be a bug with refcount handling of this
+ * resource; when the resource is stored as property, it cannot be
+ * "coerced to a private key" on openssl_sign() alter in another method
+ */
+ $key = openssl_pkey_get_private("file://$file", $password);
+ if (!is_resource($key)) {