All geek questions in one place

How to check if a domain has an SSL certificate or not?

Is it possible to get data, for example, if a domain (say www.example.com ) is ready for HTTPS?

I need to check some URLs, whether they have SSL certificate or not. I know, using $_SERVER['HTTPS'] , we can check our server details. but how can I achieve the same for other domains.

Any help would be greatly appreciated.

+8
source share
4 answers

Finally, I got the following code:

 $stream = stream_context_create (array("ssl" => array("capture_peer_cert" => true))); $read = fopen("https://www.example.com", "rb", false, $stream); $cont = stream_context_get_params($read); $var = ($cont["options"]["ssl"]["peer_certificate"]); $result = (!is_null($var)) ? true : false;

If HTTPS is enabled for the domain, var_dump($var) gives output as shown:

 resource(4) of type (OpenSSL X.509)

If it does not exist, it returns NULL .

I checked several domains. It seems to be working fine. Hope this helps someone.

+11
source

This function not only checks whether the domain has an SSL certificate, but also confirms whether the certificate matches the requested domain.

The most important part is the openssl_x509_parse function, which parses the certificate and returns all the details as an array.

 function has_ssl( $domain ) { $res = false; $stream = @stream_context_create( array( 'ssl' => array( 'capture_peer_cert' => true ) ) ); $socket = @stream_socket_client( 'ssl://' . $domain . ':443', $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $stream ); // If we got a ssl certificate we check here, if the certificate domain // matches the website domain. if ( $socket ) { $cont = stream_context_get_params( $socket ); $cert_ressource = $cont['options']['ssl']['peer_certificate']; $cert = openssl_x509_parse( $cert_ressource ); // Expected name has format "/CN=*.yourdomain.com" $namepart = explode( '=', $cert['name'] ); // We want to correctly confirm the certificate even // for subdomains like "www.yourdomain.com" if ( count( $namepart ) == 2 ) { $cert_domain = trim( $namepart[1], '*. ' ); $check_domain = substr( $domain, -strlen( $cert_domain ) ); $res = ($cert_domain == $check_domain); } } return $res; }
+7
source

Here is another solution I found somewhere on github (can't find the repo again ...)

This is a similar approach to the accepted answer, but uses fsockopen for testing, if we can establish an SSL connection on port 443. If the connection is refused, then the domain does not have an ssl certificate.

 function has_ssl( $domain ) { $ssl_check = @fsockopen( 'ssl://' . $domain, 443, $errno, $errstr, 30 ); $res = !! $ssl_check; if ( $ssl_check ) { fclose( $ssl_check ); } return $res; } // Test it: print_r( has_ssl('google.com') );
+2
source

Yes, you can check if any domain has an SSL certificate or not.

  • Check HTTPS and the green padlock in the address bar.
  • Use SSL Checker to find detailed SSL certificate information.
  • Use a forced SSL certificate extension to verify the SSL certificate (since some webmasters forget to redirect the HTTP URL to the HTTPS URL, and Google considers both sites separate, so a forced URL will do this)
  • Try to put https manually in the address bar
0
source

Source: https://habr.com/ru/post/1210049/

More articles: