可用于检测https证书是否过期,用于域名证书的过期提醒等等
<?php
$contextOptions = [
'ssl' => [
'verify_host' => false,
'verify_peer' => false,
'verify_peer_name' => false,
'capture_peer_cert' => true,
'capture_peer_cert_chain' => true,
]
];//参数不验证远程主机
$context = stream_context_create($contextOptions);
$res = stream_socket_client('ssl://www.phpip.com:443', $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context);
//var_dump($res);
$params = stream_context_get_params($res);
print_r($params);
$cert = $params['options']['ssl']['peer_certificate'];
$cert_info = openssl_x509_parse($cert);
print_r($cert_info);
echo "过期时间:".date('Y-m-d',$cert_info['validTo_time_t']);
echo "\n";
Array
(
[options] => Array
(
[ssl] => Array
(
[verify_host] =>
[verify_peer] =>
[verify_peer_name] =>
[capture_peer_cert] => 1
[capture_peer_cert_chain] => 1
[peer_certificate] => Resource id #6
[peer_certificate_chain] => Array
(
[0] => Resource id #7
[1] => Resource id #8
)
)
)
)
Array
(
[name] => /CN=8100.cc
[subject] => Array
(
[CN] => 8100.cc
)
[hash] => df0f486a
[issuer] => Array
(
[C] => US
[O] => Let's Encrypt
[CN] => Let's Encrypt Authority X3
)
[version] => 2
[serialNumber] => 0x03DF9881A2B75F6A87731EDE5E87716994A4
[serialNumberHex] => 03DF9881A2B75F6A87731EDE5E87716994A4
[validFrom] => 190218043715Z
[validTo] => 190519043715Z
[validFrom_time_t] => 1550464635
[validTo_time_t] => 1558240635
[signatureTypeSN] => RSA-SHA256
[signatureTypeLN] => sha256WithRSAEncryption
[signatureTypeNID] => 668
[purposes] => Array
(
[1] => Array
(
[0] => 1
[1] =>
[2] => sslclient
)
[2] => Array
(
[0] => 1
[1] =>
[2] => sslserver
)
[3] => Array
(
[0] => 1
[1] =>
[2] => nssslserver
)
[4] => Array
(
[0] =>
[1] =>
[2] => smimesign
)
[5] => Array
(
[0] =>
[1] =>
[2] => smimeencrypt
)
[6] => Array
(
[0] =>
[1] =>
[2] => crlsign
)
[7] => Array
(
[0] => 1
[1] => 1
[2] => any
)
[8] => Array
(
[0] => 1
[1] =>
[2] => ocsphelper
)
[9] => Array
(
[0] =>
[1] =>
[2] => timestampsign
)
)
[extensions] => Array
(
[keyUsage] => Digital Signature, Key Encipherment
[extendedKeyUsage] => TLS Web Server Authentication, TLS Web Client Authentication
[basicConstraints] => CA:FALSE
[subjectKeyIdentifier] => 97:68:84:CA:0E:DE:61:BD:91:C9:3A:E3:C9:50:B2:43:81:26:E5:E7
[authorityKeyIdentifier] => keyid:A8:4A:6A:63:04:7D:DD:BA:E6:D1:39:B7:A6:45:65:EF:F3:A8:EC:A1
[authorityInfoAccess] => OCSP - URI:http://ocsp.int-x3.letsencrypt.org
CA Issuers - URI:http://cert.int-x3.letsencrypt.org/
[subjectAltName] => DNS:8100.cc
[certificatePolicies] => Policy: 2.23.140.1.2.1
Policy: 1.3.6.1.4.1.44947.1.1.1
CPS: http://cps.letsencrypt.org
[ct_precert_scts] => Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : E2:69:4B:AE:26:E8:E9:40:09:E8:86:1B:B6:3B:83:D4:
3E:E7:FE:74:88:FB:A4:8F:28:93:01:9D:DD:F1:DB:FE
Timestamp : Feb 18 05:37:15.226 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:20:0E:EF:54:91:AD:1D:EB:A6:32:9A:B1:6A:
D9:D4:DF:C0:B9:A2:63:0C:86:67:59:79:A6:A6:CA:37:
EF:3B:45:04:02:21:00:EC:27:70:EA:8A:E0:15:B8:0E:
63:7C:91:76:2F:84:2D:D0:79:61:53:8E:ED:1A:6F:13:
A9:7E:89:2A:90:1F:90
Signed Certificate Timestamp:
Version : v1 (0x0)
Log ID : 29:3C:51:96:54:C8:39:65:BA:AA:50:FC:58:07:D4:B7:
6F:BF:58:7A:29:72:DC:A4:C3:0C:F4:E5:45:47:F4:78
Timestamp : Feb 18 05:37:15.227 2019 GMT
Extensions: none
Signature : ecdsa-with-SHA256
30:45:02:21:00:F3:57:C2:C2:F3:A4:E5:6B:9B:C0:36:
54:CC:53:01:6A:05:E4:C9:1C:9B:69:99:06:DD:98:A7:
F5:C7:48:6C:A4:02:20:5D:19:D0:28:86:FB:0F:1A:61:
D4:EA:F3:0D:2D:27:69:B4:04:B2:84:DB:B2:DC:20:26:
F5:3D:A0:46:44:6D:74
)
)
过期时间:2019-05-19
网友评论