How to get SSL certificate info with CURL in PHP?
No. EDIT: A CURLINFO_CERTINFO
option has been added to PHP 5.3.2. See http://bugs.php.net/49253
Apparently, that information is being given to you by your proxy in the response headers. If you want to rely on that, you can use curl's CURLOPT_HEADER
option to true
to include the headers in the output.
However, to retrieve the certificate without relying on some proxy, you must do
<?php
$g = stream_context_create (array("ssl" => array("capture_peer_cert" => true)));
$r = fopen("https://www.google.com/", "rb", false, $g);
$cont = stream_context_get_params($r);
var_dump($cont["options"]["ssl"]["peer_certificate"]);
You can manipulate the value of $cont["options"]["ssl"]["peer_certificate"]
with the OpenSSL extension.
EDIT: This option is better since it doesn't actually make the HTTP request and does not require allow_url_fopen
:
<?php
$g = stream_context_create (array("ssl" => array("capture_peer_cert" => true)));
$r = stream_socket_client("ssl://www.google.com:443", $errno, $errstr, 30,
STREAM_CLIENT_CONNECT, $g);
$cont = stream_context_get_params($r);
var_dump($cont["options"]["ssl"]["peer_certificate"]);
SSL Certificate with PHP CURL
For my particular case i needed to add the keyfile, sslcert and cert password.
//$xml = file_get_contents("thexmlfile.xml");
$xml= $propertyXml->asXML();
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($ch, CURLOPT_CAINFO, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_URL, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: text/xml'));
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_SSH_PRIVATE_KEYFILE, getcwd() . '\myjks.jks');
curl_setopt($ch, CURLOPT_SSLCERT, getcwd() . '\pemfile.pem');
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "thesslpassword");
curl_setopt($ch, CURLOPT_POSTFIELDS, $xml);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);
curl_setopt($ch, CURLOPT_REFERER, "https://adfapi.adftest.rightmove.com/v1/property/sendpropertydetails");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE , 1);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
$ch_result = curl_exec($ch);
print curl_errno($ch);
print curl_error($ch);
echo "Result = ".$ch_result;
curl_close($ch);
reading SSL page with CURL (php)
It sounds like you might be misinterpreting the error. It looks to me like the site you're connecting to is self-signed or some other common problem. Just like the usual browser warning, you're easiest work around is to disable the checks.
You'll need to set CURLOPT_SSL_VERIFYPEER
and CURLOPT_SSL_VERIFYHOST
to FALSE
. This should disable the two main checks. They may not both be required, but this should at least get you going.
To be clear, this disables a feature designed to protect you. Only do this if you have verified the certificate and server by some other means.
More info on the PHP site: curl_setopt()
PHP CURL and SSL certificate (or cert chain)
Curl uses CA certificates in a separate location on the server than what the rest of the system, like a desktop would. I have had to install CA certificates into the filesystem before. PHP libcurl will use the libraries that the command line utility uses as well. Please see http://curl.haxx.se/docs/sslcerts.html.
PHP and SSL: How can I retrieve detailed validation results for remote site's certificate?
To get the validity period, I used this answer
and added this:
$cert_info = openssl_x509_parse($cont["options"]["ssl"]["peer_certificate"]);
if($cert_info['validFrom_time_t'] < time() < $cert_info['validTo_time_t']) {
//Certificate is CURRENT!
} else {
//Certificate is Expired or not yet valid
}
Related Topics
Check If PHP-Page Is Accessed from an iOS Device
PHP and Mod_Fcgid: Ap_Pass_Brigade Failed in Handle_Request_Ipc Function
MySQL Statement Takes More Than Minute to Execute
Calculating Image Size Ratio for Resizing
Adding Attributes to Customer Entity
Call Laravel Controller via Command Line
Convert Utc Offset to Timezone or Date
Soap PHP Fault Parsing Wsdl: Failed to Load External Entity
Get Element by Classname with Domdocument() Method
How to Install/Enable the PHP Phar Extension
Pkill -F Doesn't Work for Process Killing
The Post Method Is Not Supported for This Route. Supported Methods: Get, Head. Laravel
Bcrypt and Randomly Generated Salts
PHP Read_Exif_Data and Adjust Orientation
Cakephp 2.0 - How to Make Custom Error Pages