I'm trying to connect to a third party API and I'm using the Zend 1.7.0 framework to access it. To authenticate, I have to first check an SSL certificate returned from a URL. This is what I'm doing in my code.

$client = new Zend_Http_Client($url);
$response = $client->request('GET');

The response is always OK, and when I navigate to '$url' I can see the certificate if I click on the lock in the bottom right corner of my browser window.

Is there a way to access the certificate's owner, expiration date and other properties via the response object? Do I have to do anything special to the request before sending it to obtain the information about the certificate?

+2  A: 

I don't think it's possible with the standard connection adaptor that Zend_Http_Client uses. I did a bit of digging and it looks like the adaptor uses fsockopen, which pretty much hides what you're looking for. The way to do it is to open the socket yourself and get the certificate first:

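$url = 'mail.google.com'; // For example (host name only)
$context = stream_context_create();
// Keep the peer certificate so it can be read back from the context options
$res = stream_context_set_option($context, 'ssl', 'capture_peer_cert', true);
// Require the certificate to match the host name; 'verify_host' is not an
// ssl context option, 'verify_peer_name' is the option name (PHP 5.6+)
$res = stream_context_set_option($context, 'ssl', 'verify_peer_name', true);
if ($socket = stream_socket_client("tls://$url:443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context)) {
    if ($options = stream_context_get_options($context)) {
        if (isset($options['ssl']) && isset($options['ssl']['peer_certificate'])) {
            // Parse the captured X.509 certificate into an array of its fields
            $keyinfo = openssl_x509_parse($options['ssl']['peer_certificate']);
            var_dump($keyinfo);
        }
    }
    fclose($socket);
}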
Neel
This definitely led me in the right direction. Thank you so much! Where did you find this code? I googled it and this page came up as the highest index.
JR
I had to hunt around a lot. I eventually found a bit of code in a newsgroup post that could extract the certificate and then a separate one that showed how to extract the public key, the php.net openssl docs showed how to get the info. The rest was trial and error. I should really link back to the sources but I can't remember where the hell I found them all.
Neel
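
Added example, not part of the original thread or of Zend Framework: once a certificate has been captured as in the answer above, the owner, expiration date and other properties the question asks about can be read from the openssl_x509_parse() array. The helper name summarize_certificate, the host example.test and the throwaway self-signed certificate (generated inline so the script runs offline) are assumptions made for illustration.

```php
<?php
// Added example: summarise the fields of a captured peer certificate.
// summarize_certificate() is a hypothetical helper, not a Zend or PHP API.

function summarize_certificate($cert, $expectedHost, $now = null)
{
    $now  = $now === null ? time() : $now;
    $info = openssl_x509_parse($cert);
    if ($info === false) {
        throw new RuntimeException('Could not parse certificate');
    }

    // Names the certificate lists: subjectAltName DNS entries, else the CN.
    // Exact matches only; wildcard entries are not expanded here.
    $names = array();
    if (isset($info['extensions']['subjectAltName'])) {
        preg_match_all('/DNS:([^,\s]+)/', $info['extensions']['subjectAltName'], $m);
        $names = $m[1];
    }
    if (!$names && isset($info['subject']['CN'])) {
        $names = (array) $info['subject']['CN'];
    }

    return array(
        'owner'       => $info['subject'],
        'issuer'      => $info['issuer'],
        'not_before'  => gmdate('c', $info['validFrom_time_t']),
        'not_after'   => gmdate('c', $info['validTo_time_t']),
        'days_left'   => (int) floor(($info['validTo_time_t'] - $now) / 86400),
        'in_validity' => $now >= $info['validFrom_time_t'] && $now <= $info['validTo_time_t'],
        'self_issued' => $info['subject'] == $info['issuer'],
        'name_listed' => in_array(strtolower($expectedHost), array_map('strtolower', $names), true),
        'sha256'      => openssl_x509_fingerprint($cert, 'sha256'),
    );
}

// Constructed sample input: a throwaway self-signed certificate for example.test,
// standing in for $options['ssl']['peer_certificate'] from a live connection.
$key  = openssl_pkey_new(array('private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA));
$csr  = openssl_csr_new(array('commonName' => 'example.test', 'organizationName' => 'Constructed Sample'), $key, array('digest_alg' => 'sha256'));
$cert = openssl_csr_sign($csr, null, $key, 30, array('digest_alg' => 'sha256'));

print_r(summarize_certificate($cert, 'example.test'));
```

These fields describe the certificate but do not validate it; chain and host name checks still come from the verify_peer and verify_peer_name context options on the connection itself.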