diff --git a/services/commtest/src/tunnelbroker/new_session.rs b/services/commtest/src/tunnelbroker/new_session.rs
--- a/services/commtest/src/tunnelbroker/new_session.rs
+++ b/services/commtest/src/tunnelbroker/new_session.rs
@@ -2,6 +2,9 @@
 use crate::tunnelbroker::tunnelbroker_utils::{
   proto::SessionSignatureRequest, TunnelbrokerServiceClient,
 };
+use openssl::hash::MessageDigest;
+use openssl::pkey::PKey;
+use openssl::sign::Signer;
 use tonic::Request;
 
 pub async fn get_string_to_sign(
@@ -16,3 +19,13 @@
   let string_to_sign = response.into_inner().to_sign;
   Ok(string_to_sign)
 }
+
+pub fn sign_string_with_private_key(
+  keypair: &PKey<openssl::pkey::Private>,
+  string_to_be_signed: &str,
+) -> String {
+  let mut signer = Signer::new(MessageDigest::sha1(), &keypair).unwrap();
+  signer.update(string_to_be_signed.as_bytes()).unwrap();
+  let signature = signer.sign_to_vec().unwrap();
+  base64::encode(signature)
+}