|
|
通过 php curl 请求网页并不能获取到证书信息,此时需要使用 ssl socket 获取证书内容。下面来一起看看看详细的介绍:
示例代码:
// 创建 stream context
$context = stream_context_create([
'ssl' => [
'capture_peer_cert' => true,
'capture_peer_cert_chain' => true,
],
]);
$resource = stream_socket_client("ssl://$domain port", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
$cert = stream_context_get_params($resource);
$ssl = $cert['options']['ssl'];
$resource = $ssl['peer_certificate'];
// 网站证书中只有公钥,通过 openssl_pkey_get_details 导出公钥
$ret = [
'crt' => '',
'pub' => '',
];
$pkey = openssl_pkey_get_public($resource);
$ret['pub'] = openssl_pkey_get_details($pkey)['key'];
openssl_x509_export($resource, $pem);
$ret['crt'] = $pem;
foreach ($ssl['peer_certificate_chain'] as $resource)
{
openssl_x509_export($resource, $pem);
$ret['crt'] .= "\n" . $pem;
}
// 保存 $ret['crt'] 为 domain.crt
// 保存 $ret['pub'] 为 domain.pub
return $ret;
|
|
|小黑屋|手机版|Archiver|cc!
( 吉ICP备2021009740号-8 )
发表于 2018-2-11 11:53:09