valient12 Posted March 16, 2015 Share Posted March 16, 2015 I need to return ssl cert info using php this is what I have: <?php if($fp = tmpfile()) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,"https://mail.google.com"); curl_setopt($ch, CURLOPT_STDERR, $fp); curl_setopt($ch, CURLOPT_CERTINFO, 1); curl_setopt($ch, CURLOPT_VERBOSE, 1); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_NOBODY, 1); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2); $result = curl_exec($ch); curl_errno($ch)==0 or die("Error:".curl_errno($ch)." ".curl_error($ch)); fseek($fp, 0);//rewind $str=''; while(strlen($str.=fread($fp,8192))==8192); echo $str; fclose($fp); } ?> this is the output HTTP/1.1 200 OKCache-Control: private, max-age=604800Expires: Mon, 16 Mar 2015 14:52:08 GMTDate: Mon, 16 Mar 2015 14:52:08 GMTRefresh: 0;URL=https://mail.google.com/mail/Content-Type: text/html; charset=ISO-8859-1Content-Length: 234X-Content-Type-Options: nosniffX-Frame-Options: SAMEORIGINX-XSS-Protection: 1; mode=blockServer: GSEAlternate-Protocol: 443:quic,p=0.5 * Rebuilt URL to: https://mail.google.com/* Trying 216.58.211.133...* Connected to mail.google.com (216.58.211.133) port 443 (#0)* Initializing NSS with certpath: sql:/etc/pki/nssdb* CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none* SSL connection using TLS_RSA_WITH_AES_128_GCM_SHA256* Server certificate:* 0 Subject: C=US, ST=California, L=Mountain View, O=Google Inc, CN=mail.google.com* Issuer: C=US, O=Google Inc, CN=Google Internet Authority G2* Version: 3 (0x2)* Serial Number: 65:79:c2:fc:35:6c:01:bf:* Signature Algorithm: sha256WithRSAEncryption* Start Date: 2015-02-27 20:57:23 GMT* Expire Date: 2015-05-28 00:00:00 GMT* Public Key Algorithm: rsaEncryption* RSA Public Key (2048 bits)* rsa(n): 81:33:e5:b6:c2:78:53:a7:5b:b6:7d:40:c7:0f:7e:bc:16:c9:b6:51:59:77:9f:f5:56:7e:f6:7e:3e:fb:40:15:44:ca:43:3a:ee:16:67:79:52:e4:76:07:6e:1d:83:64:fd:10:9e:19:fe:6a:57:67:da:e8:5c:9f:fc:e1:04:36:12:d1:7a:5b:7b:7e:dc:54:2a:73:c9:8b:18:7a:e0:3f:d3:ac:e4:43:2c:2f:dc:14:a8:6d:37:6d:0d:f4:a7:6b:6a:39:73:df:10:b7:37:bb:e2:2d:4a:ac:1c:68:3d:49:da:51:7b:b6:aa:39:34:44:01:ce:2d:30:cd:d0:ee:e0:b4:5e:a3:71:2a:ae:4d:68:74:67:be:c8:e9:eb:28:7a:94:49:d4:63:35:6e:51:ab:1d:7f:54:c2:96:12:02:7e:79:e3:c6:bc:e8:a0:16:e7:9a:fc:87:a6:01:bb:d1:e5:e2:5f:99:9b:56:e6:78:27:fd:c7:c2:1f:4e:0f:0d:26:0f:97:26:2a:5c:6b:75:d6:60:82:02:06:d6:5a:9f:de:e4:ac:83:3e:32:10:ed:eb:44:14:f8:c6:f4:a4:d3:69:49:54:14:55:0b:3f:83:0f:78:1d:7b:31:f1:c4:f0:9d:78:f0:9a:74:63:8c:1b:b5:03:ea:0a:d3:a5:b9:a6:09:* rsa(e): 0x10001* Signature: 3a:64:d4:30:59:75:1e:80:15:f5:d7:39:3d:90:d7:34:5f:dd:32:6c:f0:a8:bb:fc:a4:9e:78:70:b4:a5:ea:45:a0:5d:ab:5b:74:aa:c0:44:b8:cd:90:40:ec:1a:23:e9:fa:60:6e:f8:27:91:54:6c:83:72:f6:43:2c:af:4f:22:c9:56:41:11:8a:ea:ec:f2:9b:7f:c2:f4:56:fe:39:a2:b7:c2:37:8f:43:95:af:e1:56:e9:4f:0b:91:b3:9c:a3:d4:bb:c7:42:ea:fc:bc:94:50:64:57:6e:4a:7d:a4:4b:73:98:b9:8e:0f:94:e9:c9:dd:09:ab:c2:3a:44:46:ad:f8:5b:0f:b0:42:df:be:1e:36:a5:30:e8:d1:72:ef:d4:df:d4:ed:c2:45:3e:1e:2a:36:f0:cd:17:ee:b7:46:8d:79:f1:d2:6f:db:c7:6d:fa:bb:3d:ff:46:1e:4c:50:10:f6:a2:55:93:d8:24:6d:ff:9d:71:97:b4:d2:44:79:d8:d1:cc:59:14:74:bf:cd:86:05:1a:15:99:74:34:42:06:8c:6b:69:5a:82:5a:0d:b7:3b:b5:fe:ab:8e:70:d9:2e:8c:2d:2d:f8:d1:92:ee:9c:c9:9c:b4:45:26:c2:79:62:c9:a0:d7:8e:95:42:6d:ca:72:7d:90:2e:b3:2a:a1:14:* -----BEGIN CERTIFICATE-----MIIEijCCA3KgAwIBAgIIZXnC/DVsAb8wDQYJKoZIhvcNAQELBQAwSTELMAkGA1UEBhMCVVMxEzARBgNVBAoTCkdvb2dsZSBJbmMxJTAjBgNVBAMTHEdvb2dsZSBJbnRlcm5ldCBBdXRob3JpdHkgRzIwHhcNMTUwMjI3MjA1NzIzWhcNMTUwNTI4MDAwMDAwWjBpMQswCQYDVQQGEwJVUzETMBEGA1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNTW91bnRhaW4gVmlldzETMBEGA1UECgwKR29vZ2xlIEluYzEYMBYGA1UEAwwPbWFpbC5nb29nbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgTPltsJ4U6dbtn1Axw9+vBbJtlFZd5/1Vn72fj77QBVEykM67hZneVLkdgduHYNk/RCeGf5qV2fa6Fyf/OEENhLRelt7ftxUKnPJixh64D/TrORDLC/cFKhtN20N9Kdrajlz3xC3N7viLUqsHGg9SdpRe7aqOTREAc4tMM3Q7uC0XqNxKq5NaHRnvsjp6yh6lEnUYzVuUasdf1TClhICfnnjxrzooBbnmvyHpgG70eXiX5mbVuZ4J/3Hwh9ODw0mD5cmKlxrddZgggIG1lqf3uSsgz4yEO3rRBT4xvSk02lJVBRVCz+DD3gdezHxxPCdePCadGOMG7UD6grTpbmmCQIDAQABo4IBVDCCAVAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCwGA1UdEQQlMCOCD21haWwuZ29vZ2xlLmNvbYIQaW5ib3guZ29vZ2xlLmNvbTBoBggrBgEFBQcBAQRcMFowKwYIKwYBBQUHMAKGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcnQwKwYIKwYBBQUHMAGGH2h0dHA6Ly9jbGllbnRzMS5nb29nbGUuY29tL29jc3AwHQYDVR0OBBYEFAKMn8g2UfIsRERHIQ5AG3gcWYahMAwGA1UdEwEB/wQCMAAwHwYDVR0jBBgwFoAUSt0GFhu89mi1dvWBtrtiGrpagS8wFwYDVR0gBBAwDjAMBgorBgEEAdZ5AgUBMDAGA1UdHwQpMCcwJaAjoCGGH2h0dHA6Ly9wa2kuZ29vZ2xlLmNvbS9HSUFHMi5jcmwwDQYJKoZIhvcNAQELBQADggEBADpk1DBZdR6AFfXXOT2Q1zRf3TJs8Ki7/KSeeHC0pepFoF2rW3SqwES4zZBA7Boj6fpgbvgnkVRsg3L2QyyvTyLJVkERiurs8pt/wvRW/jmit8I3j0OVr+FW6U8LkbOco9S7x0Lq/LyUUGRXbkp9pEtzmLmOD5Tpyd0Jq8I6REat+FsPsELfvh42pTDo0XLv1N/U7cJFPh4qNvDNF+63Ro158dJv28dt+rs9/0YeTFAQ9qJVk9gkbf+dcZe00kR52NHMWRR0v82GBRoVmXQ0QgaMa2lagloNtzu1/quOcNkujC0t+NGS7pzJnLRFJsJ5Ysmg146VQm3Kcn2QLrMqoRQ=-----END CERTIFICATE----- > HEAD / HTTP/1.1Host: mail.google.comAccept: */* < HTTP/1.1 200 OK< Cache-Control: private, max-age=604800< Expires: Mon, 16 Mar 2015 14:52:08 GMT< Date: Mon, 16 Mar 2015 14:52:08 GMT< Refresh: 0;URL=https://mail.google.com/mail/< Content-Type: text/html; charset=ISO-8859-1< Content-Length: 234< X-Content-Type-Options: nosniff< X-Frame-Options: SAMEORIGIN< X-XSS-Protection: 1; mode=block< Server: GSE< Alternate-Protocol: 443:quic,p=0.5<* Connection #0 to host mail.google.com left intact but I need to access specific info such as expiry date etc which would be much easier to do from an array unless there's an even easier option? Quote Link to comment https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/ Share on other sites More sharing options...
kicken Posted March 16, 2015 Share Posted March 16, 2015 (edited) <?php $ch = curl_init('https://www.google.com/'); curl_setopt($ch, CURLOPT_CAPATH, '/etc/ssl/certs'); curl_setopt($ch, CURLOPT_CERTINFO, true); $result = curl_exec($ch); var_dump(curl_getinfo($ch, CURLINFO_CERTINFO));Seems to work for me. CURLINFO_CERTINFO doesn't appear to be documented so I'm not sure if there are any version requirements. Edited March 16, 2015 by kicken Quote Link to comment https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/#findComment-1508231 Share on other sites More sharing options...
valient12 Posted March 16, 2015 Author Share Posted March 16, 2015 (edited) all I get is: array(0) {} for mail.google.com it does however work for google.com :S edit: it also comes back with the page content - any way to get rid of that? Edited March 16, 2015 by valient12 Quote Link to comment https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/#findComment-1508248 Share on other sites More sharing options...
kicken Posted March 16, 2015 Share Posted March 16, 2015 Works for me with mail.google.com. To ignore the page contents you can just set CURLOPT_RETURNTRANSFER to true. Quote Link to comment https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/#findComment-1508251 Share on other sites More sharing options...
valient12 Posted March 17, 2015 Author Share Posted March 17, 2015 thanks, mail.google.com still doesn't work for me for some reason however setting CURLOPT_RETURNTRANSFER to true works well Quote Link to comment https://forums.phpfreaks.com/topic/295288-php-return-ssl-cert-info-in-array/#findComment-1508292 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.