diff --git a/NEWS b/NEWS
index a1ad51f3694..2161785e6cb 100644
--- a/NEWS
+++ b/NEWS
@@ -26,6 +26,10 @@ PHP                                                                        NEWS
   . Fixed bug GH-16361 (mb_substr overflow on start/length arguments).
     (David Carlier)
 
+- OpenSSL:
+  . Fixed bug GH-16357 (openssl may modify member types of certificate arrays).
+    (cmb)
+
 - PHPDBG:
   . Fixed bug GH-16174 (Empty string is an invalid expression for ev). (cmb)
 
diff --git a/ext/openssl/openssl.c b/ext/openssl/openssl.c
index 6f85e9852fb..28350a1a15b 100644
--- a/ext/openssl/openssl.c
+++ b/ext/openssl/openssl.c
@@ -1500,11 +1500,13 @@ static X509 *php_openssl_x509_from_zval(
 
 	*free_cert = 1;
 
-	if (!try_convert_to_string(val)) {
+	zend_string *str = zval_try_get_string(val);
+	if (str == NULL) {
 		return NULL;
 	}
-
-	return php_openssl_x509_from_str(Z_STR_P(val), arg_num, is_from_array, option_name);
+	X509 *cert = php_openssl_x509_from_str(str, arg_num, is_from_array, option_name);
+	zend_string_release(str);
+	return cert;
 }
 /* }}} */
 
diff --git a/ext/openssl/tests/gh16357.phpt b/ext/openssl/tests/gh16357.phpt
new file mode 100644
index 00000000000..32a76167a0e
--- /dev/null
+++ b/ext/openssl/tests/gh16357.phpt
@@ -0,0 +1,22 @@
+--TEST--
+GH-16357 (openssl may modify member types of certificate arrays)
+--EXTENSIONS--
+openssl
+--FILE--
+<?php
+$infile = __DIR__ . "/cert.crt";
+$outfile = __DIR__ . "/gh16357.txt";
+$certs = [123];
+var_dump(openssl_pkcs7_encrypt($infile, $outfile, $certs, null));
+var_dump($certs);
+?>
+--CLEAN--
+<?php
+unlink(__DIR__ . "/gh16357.txt");
+?>
+--EXPECT--
+bool(false)
+array(1) {
+  [0]=>
+  int(123)
+}