In a new post to his site Freek Van der Herten shares some code he's worked up to validate SSL certificates in PHP to ensure they're correct when accessing a remote site.
With vanilla PHP it’s possible to check of if the SSL certificate of a given site is valid. But it’s kinda madness to do it.
He starts with the code required to do it including:
- using stream_socket_client to connect to the remote server
- getting the connection parameters with stream_context_get_params
- using openssl_x509_parse
..then on to parsing the certificate and its "valid time" timestamps. He stops it with the above steps, however, and advocates that you instead try out this package (one developed by him) to make the validation a two-line process. He also describes some of the other methods the package includes to get things like the issuer, domain and any additional domains it covers. Be aware that if you're planning on using it you'll need OpenSSL support in your PHP installation as it's required for the connection and validation.