Jump to content

Recommended Posts

I need to return ssl cert info using php

 

this is what I have:

<?php
if($fp = tmpfile())
{
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL,"https://mail.google.com");
    curl_setopt($ch, CURLOPT_STDERR, $fp);
    curl_setopt($ch, CURLOPT_CERTINFO, 1);
    curl_setopt($ch, CURLOPT_VERBOSE, 1);
    curl_setopt($ch, CURLOPT_HEADER, 1);
    curl_setopt($ch, CURLOPT_NOBODY, 1);
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,  2);
    $result = curl_exec($ch);
    curl_errno($ch)==0 or die("Error:".curl_errno($ch)." ".curl_error($ch));
    fseek($fp, 0);//rewind
    $str='';
    while(strlen($str.=fread($fp,8192))==8192);
    echo $str;
    fclose($fp);
}
?>

this is the output

HTTP/1.1 200 OK
Cache-Control: private, max-age=604800
Expires: Mon, 16 Mar 2015 14:52:08 GMT
Date: Mon, 16 Mar 2015 14:52:08 GMT
Refresh: 0;URL=https://mail.google.com/mail/
Content-Type: text/html; charset=ISO-8859-1
Content-Length: 234
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Server: GSE
Alternate-Protocol: 443:quic,p=0.5

* Rebuilt URL to: https://mail.google.com/
*   Trying 216.58.211.133...
* Connected to mail.google.com (216.58.211.133) port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
*  0 Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=mail.google.com
*    Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2
*    Version: 3 (0x2)
*    Serial Number: 65:79:c2:fc:35:6c:01:bf:
*    Signature Algorithm: sha256WithRSAEncryption
*    Start Date: 2015-02-27 20:57:23 GMT
*    Expire Date: 2015-05-28 00:00:00 GMT
*    Public Key Algorithm: rsaEncryption
*    RSA Public Key (2048 bits)
*    rsa(n): 81:33:e5:b6:c2:78:53:a7:5b:b6:7d:40:c7:0f:7e:bc:16:c9:b6:51:59:77:9f:f5:56:7e:f6:7e:3e:fb:40:15:44:ca:43:3a:ee:16:67:79:52:e4:76:07:6e:1d:83:64:fd:10:9e:19:fe:6a:57:67:da:e8:5c:9f:fc:e1:04:36:12:d1:7a:5b:7b:7e:dc:54:2a:73:c9:8b:18:7a:e0:3f:d3:ac:e4:43:2c:2f:dc:14:a8:6d:37:6d:0d:f4:a7:6b:6a:39:73:df:10:b7:37:bb:e2:2d:4a:ac:1c:68:3d:49:da:51:7b:b6:aa:39:34:44:01:ce:2d:30:cd:d0:ee:e0:b4:5e:a3:71:2a:ae:4d:68:74:67:be:c8:e9:eb:28:7a:94:49:d4:63:35:6e:51:ab:1d:7f:54:c2:96:12:02:7e:79:e3:c6:bc:e8:a0:16:e7:9a:fc:87:a6:01:bb:d1:e5:e2:5f:99:9b:56:e6:78:27:fd:c7:c2:1f:4e:0f:0d:26:0f:97:26:2a:5c:6b:75:d6:60:82:02:06:d6:5a:9f:de:e4:ac:83:3e:32:10:ed:eb:44:14:f8:c6:f4:a4:d3:69:49:54:14:55:0b:3f:83:0f:78:1d:7b:31:f1:c4:f0:9d:78:f0:9a:74:63:8c:1b:b5:03:ea:0a:d3:a5:b9:a6:09:
*    rsa(e): 0x10001
*    Signature: 3a:64:d4:30:59:75:1e:80:15:f5:d7:39:3d:90:d7:34:5f:dd:32:6c:f0:a8:bb:fc:a4:9e:78:70:b4:a5:ea:45:a0:5d:ab:5b:74:aa:c0:44:b8:cd:90:40:ec:1a:23:e9:fa:60:6e:f8:27:91:54:6c:83:72:f6:43:2c:af:4f:22:c9:56:41:11:8a:ea:ec:f2:9b:7f:c2:f4:56:fe:39:a2:b7:c2:37:8f:43:95:af:e1:56:e9:4f:0b:91:b3:9c:a3:d4:bb:c7:42:ea:fc:bc:94:50:64:57:6e:4a:7d:a4:4b:73:98:b9:8e:0f:94:e9:c9:dd:09:ab:c2:3a:44:46:ad:f8:5b:0f:b0:42:df:be:1e:36:a5:30:e8:d1:72:ef:d4:df:d4:ed:c2:45:3e:1e:2a:36:f0:cd:17:ee:b7:46:8d:79:f1:d2:6f:db:c7:6d:fa:bb:3d:ff:46:1e:4c:50:10:f6:a2:55:93:d8:24:6d:ff:9d:71:97:b4:d2:44:79:d8:d1:cc:59:14:74:bf:cd:86:05:1a:15:99:74:34:42:06:8c:6b:69:5a:82:5a:0d:b7:3b:b5:fe:ab:8e:70:d9:2e:8c:2d:2d:f8:d1:92:ee:9c:c9:9c:b4:45:26:c2:79:62:c9:a0:d7:8e:95:42:6d:ca:72:7d:90:2e:b3:2a:a1:14:
* -----BEGIN CERTIFICATE-----
MIIEijCCA3KgAwIBAgIIZXnC/DVsAb8wDQYJKoZIhvcNAQELBQAwSTELMAkGA1UE
BhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRl
cm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwMjI3MjA1NzIzWhcNMTUwNTI4MDAwMDAw
WjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwN
TW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFp
bC5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTPl
tsJ4U6dbtn1Axw9+vBbJtlFZd5/1Vn72fj77QBVEykM67hZneVLkdgduHYNk/RCe
Gf5qV2fa6Fyf/OEENhLRelt7ftxUKnPJixh64D/TrORDLC/cFKhtN20N9Kdrajlz
3xC3N7viLUqsHGg9SdpRe7aqOTREAc4tMM3Q7uC0XqNxKq5NaHRnvsjp6yh6lEnU
YzVuUasdf1TClhICfnnjxrzooBbnmvyHpgG70eXiX5mbVuZ4J/3Hwh9ODw0mD5cm
KlxrddZgggIG1lqf3uSsgz4yEO3rRBT4xvSk02lJVBRVCz+DD3gdezHxxPCdePCa
dGOMG7UD6grTpbmmCQIDAQABo4IBVDCCAVAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
CCsGAQUFBwMCMCwGA1UdEQQlMCOCD21haWwuZ29vZ2xlLmNvbYIQaW5ib3guZ29v
Z2xlLmNvbTBoBggrBgEFBQcBAQRcMFowKwYIKwYBBQUHMAKGH2h0dHA6Ly9wa2ku
Z29vZ2xlLmNvbS9HSUFHMi5jcnQwKwYIKwYBBQUHMAGGH2h0dHA6Ly9jbGllbnRz
MS5nb29nbGUuY29tL29jc3AwHQYDVR0OBBYEFAKMn8g2UfIsRERHIQ5AG3gcWYah
MAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUSt0GFhu89mi1dvWBtrtiGrpagS8w
FwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6
Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcNAQELBQADggEBADpk
1DBZdR6AFfXXOT2Q1zRf3TJs8Ki7/KSeeHC0pepFoF2rW3SqwES4zZBA7Boj6fpg
bvgnkVRsg3L2QyyvTyLJVkERiurs8pt/wvRW/jmit8I3j0OVr+FW6U8LkbOco9S7
x0Lq/LyUUGRXbkp9pEtzmLmOD5Tpyd0Jq8I6REat+FsPsELfvh42pTDo0XLv1N/U
7cJFPh4qNvDNF+63Ro158dJv28dt+rs9/0YeTFAQ9qJVk9gkbf+dcZe00kR52NHM
WRR0v82GBRoVmXQ0QgaMa2lagloNtzu1/quOcNkujC0t+NGS7pzJnLRFJsJ5Ysmg
146VQm3Kcn2QLrMqoRQ=
-----END CERTIFICATE-----

> HEAD / HTTP/1.1
Host: mail.google.com
Accept: */*

< HTTP/1.1 200 OK
< Cache-Control: private, max-age=604800
< Expires: Mon, 16 Mar 2015 14:52:08 GMT
< Date: Mon, 16 Mar 2015 14:52:08 GMT
< Refresh: 0;URL=https://mail.google.com/mail/
< Content-Type: text/html; charset=ISO-8859-1
< Content-Length: 234
< X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
< X-XSS-Protection: 1; mode=block
< Server: GSE
< Alternate-Protocol: 443:quic,p=0.5
<
* Connection #0 to host mail.google.com left intact

 

but I need to access specific info such as expiry date etc which would be much easier to do from an array unless there's an even easier option?

Link to comment
https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/
Share on other sites

<?php

$ch = curl_init('https://www.google.com/');
curl_setopt($ch, CURLOPT_CAPATH, '/etc/ssl/certs');
curl_setopt($ch, CURLOPT_CERTINFO, true);
$result = curl_exec($ch);

var_dump(curl_getinfo($ch, CURLINFO_CERTINFO));
Seems to work for me. CURLINFO_CERTINFO doesn't appear to be documented so I'm not sure if there are any version requirements. Edited by kicken
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.