diff --git a/reference/openssl/functions/openssl-spki-export-challenge.xml b/reference/openssl/functions/openssl-spki-export-challenge.xml
new file mode 100644
index 0000000000..1900749038
--- /dev/null
+++ b/reference/openssl/functions/openssl-spki-export-challenge.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- $Revision$ -->
+
+<refentry xml:id="function.openssl-spki-export-challenge" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <refnamediv>
+  <refname>openssl_spki_export_challenge</refname>
+  <refpurpose>Exports the challenge assoicated with a signed public key and challenge</refpurpose>
+ </refnamediv>
+
+ <refsect1 role="description">
+  &reftitle.description;
+  <methodsynopsis role="procedural">
+   <type>string</type><methodname>openssl_spki_export_challenge</methodname>
+   <methodparam><type>string</type><parameter role="reference">spkac</parameter></methodparam>
+  </methodsynopsis>
+  <para>
+    Exports challenge from encoded signed public key and challenge
+  </para>
+ </refsect1>
+
+ <refsect1 role="parameters">
+  &reftitle.parameters;
+  <variablelist>
+    <varlistentry>
+     <term><parameter>spkac</parameter></term>
+     <listitem>
+      <para>
+        Expects a valid signed public key and challenge 
+      </para>
+     </listitem>
+    </varlistentry>
+  </variablelist>
+ </refsect1>
+
+ <refsect1 role="returnvalues">
+  &reftitle.returnvalues;
+  <para>
+   Returns the associated challenge string or NULL on failure.
+  </para>
+ </refsect1>
+
+  <refsect1 role="errors">
+  &reftitle.errors;
+  <para>
+   Emits an <constant>E_WARNING</constant> level error if an invalid argument
+   is passed via the <parameter>spkac</parameter> parameter.
+  </para>
+ </refsect1>
+
+ <refsect1 role="examples">
+  &reftitle.examples;
+  <example xml:id="openssl-spki-export-challenge.example.basic">
+   <title><function>openssl-spki-export-challenge</function> example</title>
+   <para>
+      Extracts the associated challenge string or NULL on failure.
+   </para>
+   <programlisting role="php">
+<![CDATA[
+<?php
+$pkey = openssl_pkey_new('secret password');
+$spkac = openssl_spki_new($pkey, 'challenge string');
+$challenge = openssl_spki_export_challenge(preg_replace('/SPKAC=/', '', $spkac));
+?>
+]]>
+   </programlisting>
+  </example>
+ </refsect1>
+
+ <refsect1 role="seealso">
+  &reftitle.seealso;
+  <para>
+   <simplelist>
+    <member><function>openssl_spki_new</function></member>
+    <member><function>openssl_spki_verify</function></member>
+    <member><function>openssl_spki_export</function></member>
+    <member><function>openssl_md_method</function></member>
+    <member><function>openssl_csr_new</function></member>
+    <member><function>openssl_csr_sign</function></member>
+   </simplelist>
+  </para>
+ </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:1
+sgml-indent-data:t
+indent-tabs-mode:nil
+sgml-parent-document:nil
+sgml-default-dtd-file:"~/.phpdoc/manual.ced"
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+vim600: syn=xml fen fdm=syntax fdl=2 si
+vim: et tw=78 syn=sgml
+vi: ts=1 sw=1
+-->
diff --git a/reference/openssl/functions/openssl-spki-export.xml b/reference/openssl/functions/openssl-spki-export.xml
new file mode 100644
index 0000000000..5c1384ee8f
--- /dev/null
+++ b/reference/openssl/functions/openssl-spki-export.xml
@@ -0,0 +1,108 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- $Revision$ -->
+
+<refentry xml:id="function.openssl-spki-export" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <refnamediv>
+  <refname>openssl_spki_export</refname>
+  <refpurpose>Exports a valid PEM formatted public key signed public key and challenge</refpurpose>
+ </refnamediv>
+
+ <refsect1 role="description">
+  &reftitle.description;
+  <methodsynopsis role="procedural">
+   <type>string</type><methodname>openssl_spki_export</methodname>
+   <methodparam><type>string</type><parameter role="reference">spkac</parameter></methodparam>
+  </methodsynopsis>
+  <para>
+    Exports PEM formatted public key from encoded signed public key and challenge
+  </para>
+ </refsect1>
+
+ <refsect1 role="parameters">
+  &reftitle.parameters;
+  <variablelist>
+    <varlistentry>
+     <term><parameter>spkac</parameter></term>
+     <listitem>
+      <para>
+        Expects a valid signed public key and challenge 
+      </para>
+     </listitem>
+    </varlistentry>
+  </variablelist>
+ </refsect1>
+
+ <refsect1 role="returnvalues">
+  &reftitle.returnvalues;
+  <para>
+   Returns the associated PEM formatted public key or NULL on failure.
+  </para>
+ </refsect1>
+
+  <refsect1 role="errors">
+  &reftitle.errors;
+  <para>
+   Emits an <constant>E_WARNING</constant> level error if an invalid argument
+   is passed via the <parameter>spkac</parameter> parameter.
+  </para>
+ </refsect1>
+
+ <refsect1 role="examples">
+  &reftitle.examples;
+  <example xml:id="openssl-spki-export.example.basic">
+   <title><function>openssl-spki-export</function> example</title>
+   <para>
+      Extracts the associated PEM formatted public key or NULL on failure.
+   </para>
+   <programlisting role="php">
+<![CDATA[
+<?php
+$pkey = openssl_pkey_new('secret password');
+$spkac = openssl_spki_new($pkey, 'challenge string');
+$pubKey = openssl_spki_export(preg_replace('/SPKAC=/', '', $spkac));
+
+if ($pubKey) {
+    echo $pubKey;
+}
+?>
+]]>
+   </programlisting>
+  </example>
+ </refsect1>
+
+ <refsect1 role="seealso">
+  &reftitle.seealso;
+  <para>
+   <simplelist>
+    <member><function>openssl_spki_new</function></member>
+    <member><function>openssl_spki_verify</function></member>
+    <member><function>openssl_spki_export_challenge</function></member>
+    <member><function>openssl_md_method</function></member>
+    <member><function>openssl_csr_new</function></member>
+    <member><function>openssl_csr_sign</function></member>
+   </simplelist>
+  </para>
+ </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:1
+sgml-indent-data:t
+indent-tabs-mode:nil
+sgml-parent-document:nil
+sgml-default-dtd-file:"~/.phpdoc/manual.ced"
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+vim600: syn=xml fen fdm=syntax fdl=2 si
+vim: et tw=78 syn=sgml
+vi: ts=1 sw=1
+-->
diff --git a/reference/openssl/functions/openssl-spki-new.xml b/reference/openssl/functions/openssl-spki-new.xml
new file mode 100644
index 0000000000..67c392c776
--- /dev/null
+++ b/reference/openssl/functions/openssl-spki-new.xml
@@ -0,0 +1,146 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- $Revision$ -->
+
+<refentry xml:id="function.openssl-spki-new" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <refnamediv>
+  <refname>openssl_spki_new</refname>
+  <refpurpose>Generate a new signed public key and challenge</refpurpose>
+ </refnamediv>
+
+ <refsect1 role="description">
+  &reftitle.description;
+  <methodsynopsis role="procedural">
+   <type>string</type><methodname>openssl_spki_new</methodname>
+   <methodparam><type>resource</type><parameter role="reference">privkey</parameter></methodparam>
+   <methodparam><type>string</type><parameter role="reference">challenge</parameter></methodparam>
+   <methodparam choice="opt"><type>int</type><parameter>algorithm</parameter><initializer>0</initializer></methodparam>
+  </methodsynopsis>
+  <para>
+   Generates a signed public key and challenge using specified hashing algorithm
+  </para>
+ </refsect1>
+
+ <refsect1 role="parameters">
+  &reftitle.parameters;
+  <variablelist>
+   <varlistentry>
+     <term><parameter>privkey</parameter></term>
+     <listitem>
+      <para>
+       <parameter>privkey</parameter> should be set to a private key that was
+       previously generated by <function>openssl_pkey_new</function> (or
+       otherwise obtained from the other openssl_pkey family of functions).
+       The corresponding public portion of the key will be used to sign the
+       CSR.
+      </para>
+     </listitem>
+    </varlistentry>
+    <varlistentry>
+     <term><parameter>challenge</parameter></term>
+     <listitem>
+      <para>
+       The challenge associated to associate with the SPKAC
+      </para>
+     </listitem>
+    </varlistentry>
+    <varlistentry>
+     <term><parameter>algorithm</parameter></term>
+     <listitem>
+      <para>
+       The digest algorithm. See openssl_get_md_method().
+      </para>
+     </listitem>
+    </varlistentry>
+  </variablelist>
+ </refsect1>
+
+ <refsect1 role="returnvalues">
+  &reftitle.returnvalues;
+  <para>
+   Returns a signed public key and challenge string or NULL on failure.
+  </para>
+ </refsect1>
+
+  <refsect1 role="errors">
+  &reftitle.errors;
+  <para>
+   Emits an <constant>E_WARNING</constant> level error if an unknown signature algorithm
+   is passed via the <parameter>algorithm</parameter> parameter.
+  </para>
+ </refsect1>
+
+ <refsect1 role="examples">
+  &reftitle.examples;
+  <example xml:id="openssl-spki-new.example.basic">
+   <title><function>openssl-spki-new</function> example</title>
+   <para>
+     Generate a new SPKAC with the default digest (MD5)
+   </para>
+   <programlisting role="php">
+<![CDATA[
+<?php
+$pkey = openssl_pkey_new('secret password');
+$spkac = openssl_spki_new($pkey, 'testing');
+
+if ($spkac !== NULL) {
+    echo $spkac;
+} else {
+    echo "SPKAC generation failed";
+}
+?>
+]]>
+   </programlisting>
+   &example.outputs.similar;
+   <screen>
+<![CDATA[
+MIICRzCCAS8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDM3V3sS4o4
+mB9dczziRnjGAmSp+JwPrHoYMAFGvDNmZGyiWfU586X4BKs++BAj7e/FsAfno0Hd
+hN9FwpCNFSox30L03nQvLYJE7f/WqigwBeMRT7Op/xvFks4sT70xP2HRYv4KqP9a
+WRcKU6cFH8VxhFhqM2txEIxZKdFLaL28yT7bEDmcglf4JLDdgNMb9rET1dkgtKE6
+dOaJHPGjf1uvnOH4YwkQr7n4sLUR3Kdbh0ZJAFuQVDZulo+LLzxBBkqJJcB6FhF+
+oXCdHTKZnqAhpWDz+NXYytAmevab6IYm5TWPWsJUv1YKJA5lg2mXbbloIZlN9Mgc
+i9fi03bdw+crAgMBAAEWB3Rlc3RpbmcwDQYJKoZIhvcNAQEEBQADggEBALyUvP/o
+pPSoWBlorFyZ2RnGwKf9qMpE0q2IJP7G3oDR4LyK/m933DUiZ+YnqThrH/CWb4Ek
+y5I3OCyl3S4wCuU1ibZZwDVwYShr5ELp0J9PEf7qMQZOhNsizoC7k+Czb2xB6hYW
+sKfsfTKm3cXBtH3fdgc/Z1Z7VSWnAzYo38snqm72NTf5yFRnrQdphNNXi+kn1zHA
+lxXRyFDXHOcYsOnwAWfyXFA4QDHQ0ezz0UoCY8gJXovcZb4GRYqOLUAsF2HcNboy
+29WN8VqE29sL9QxVZFlwMcqyoLcNnyw38GvNvAGqSvzzbnEFP2MAQXJVe0H0hdp/
+MML5G2iNVgNozAo=
+]]>
+   </screen>
+  </example>
+ </refsect1>
+
+ <refsect1 role="seealso">
+  &reftitle.seealso;
+  <para>
+   <simplelist>
+    <member><function>openssl_md_method</function></member>
+    <member><function>openssl_csr_new</function></member>
+    <member><function>openssl_csr_sign</function></member>
+   </simplelist>
+  </para>
+ </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:1
+sgml-indent-data:t
+indent-tabs-mode:nil
+sgml-parent-document:nil
+sgml-default-dtd-file:"~/.phpdoc/manual.ced"
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+vim600: syn=xml fen fdm=syntax fdl=2 si
+vim: et tw=78 syn=sgml
+vi: ts=1 sw=1
+-->
diff --git a/reference/openssl/functions/openssl-spki-verify.xml b/reference/openssl/functions/openssl-spki-verify.xml
new file mode 100644
index 0000000000..d081bb9986
--- /dev/null
+++ b/reference/openssl/functions/openssl-spki-verify.xml
@@ -0,0 +1,109 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- $Revision$ -->
+
+<refentry xml:id="function.openssl-spki-verify" xmlns="http://docbook.org/ns/docbook" xmlns:xlink="http://www.w3.org/1999/xlink">
+ <refnamediv>
+  <refname>openssl_spki_verify</refname>
+  <refpurpose>Verifies a signed public key and challenge</refpurpose>
+ </refnamediv>
+
+ <refsect1 role="description">
+  &reftitle.description;
+  <methodsynopsis role="procedural">
+   <type>string</type><methodname>openssl_spki_verify</methodname>
+   <methodparam><type>string</type><parameter role="reference">spkac</parameter></methodparam>
+  </methodsynopsis>
+  <para>
+    Validates the supplied signed public key and challenge
+  </para>
+ </refsect1>
+
+ <refsect1 role="parameters">
+  &reftitle.parameters;
+  <variablelist>
+    <varlistentry>
+     <term><parameter>spkac</parameter></term>
+     <listitem>
+      <para>
+        Expects a valid signed public key and challenge 
+      </para>
+     </listitem>
+    </varlistentry>
+  </variablelist>
+ </refsect1>
+
+ <refsect1 role="returnvalues">
+  &reftitle.returnvalues;
+  <para>
+   Returns a boolean on success or failure.
+  </para>
+ </refsect1>
+
+  <refsect1 role="errors">
+  &reftitle.errors;
+  <para>
+   Emits an <constant>E_WARNING</constant> level error if an invalid argument
+   is passed via the <parameter>spkac</parameter> parameter.
+  </para>
+ </refsect1>
+
+ <refsect1 role="examples">
+  &reftitle.examples;
+  <example xml:id="openssl-spki-verify.example.basic">
+   <title><function>openssl-spki-verify</function> example</title>
+   <para>
+      Validates an existing signed public key and challenge
+   </para>
+   <programlisting role="php">
+<![CDATA[
+<?php
+$pkey = openssl_pkey_new('secret password');
+$spkac = openssl_spki_new($pkey, 'challenge string');
+
+if (openssl_spki_verify(preg_replace('/SPKAC=/', '', $spkac))) {
+    echo $spkac;
+} else {
+    echo "SPKAC validation failed";
+}
+?>
+]]>
+   </programlisting>
+  </example>
+ </refsect1>
+
+ <refsect1 role="seealso">
+  &reftitle.seealso;
+  <para>
+   <simplelist>
+    <member><function>openssl_spki_new</function></member>
+    <member><function>openssl_spki_export_challenge</function></member>
+    <member><function>openssl_spki_export</function></member>
+    <member><function>openssl_md_method</function></member>
+    <member><function>openssl_csr_new</function></member>
+    <member><function>openssl_csr_sign</function></member>
+   </simplelist>
+  </para>
+ </refsect1>
+
+</refentry>
+
+<!-- Keep this comment at the end of the file
+Local variables:
+mode: sgml
+sgml-omittag:t
+sgml-shorttag:t
+sgml-minimize-attributes:nil
+sgml-always-quote-attributes:t
+sgml-indent-step:1
+sgml-indent-data:t
+indent-tabs-mode:nil
+sgml-parent-document:nil
+sgml-default-dtd-file:"~/.phpdoc/manual.ced"
+sgml-exposed-tags:nil
+sgml-local-catalogs:nil
+sgml-local-ecat-files:nil
+End:
+vim600: syn=xml fen fdm=syntax fdl=2 si
+vim: et tw=78 syn=sgml
+vi: ts=1 sw=1
+-->