All geek questions in one place

Fingerprint PHP SSL

I need to display SSL fingerprints on web pages. Is this possible in PHP? Function

openssl_x509_parse

does not return SHA1 and MD5 fingerprints. How to solve this problem? Thanks.

+6
source share
5 answers

I would suggest that the easiest way is to call openssl through the system

 $fingerprint = str_replace("SHA1 Fingerprint=", '', system('openssl x509 -noout -in /path/to/your/cert.pem -fingerprint'));

And yes, I know, this is nothing but a clean way to do it, but it is the only one I can think of about the top of my head!

+1
source

I think you can generate a SHA fingerprint with the following code:

 $resource = openssl_x509_read($certificate); $fingerprint = null; $output = null; $result = openssl_x509_export($resource, $output); if($result !== false) { $output = str_replace('-----BEGIN CERTIFICATE-----', '', $output); $output = str_replace('-----END CERTIFICATE-----', '', $output); $output = base64_decode($output); $fingerprint = sha1($output); }
+13
source

Here is the best solution:

  function sha1_thumbprint($file) { $file = preg_replace('/\-+BEGIN CERTIFICATE\-+/','',$file); $file = preg_replace('/\-+END CERTIFICATE\-+/','',$file); $file = trim($file); $file = str_replace( array("\n\r","\n","\r"), '', $file); $bin = base64_decode($file); return sha1($bin); }
+4
source

Starting with PHP 5.6, you can use openssl_x509_fingerprint() :

 $cert = openssl_x509_read($certificate); $sha1_hash = openssl_x509_fingerprint($cert); // sha1 hash $md5_hash = openssl_x509_fingerprint($cert, 'md5'); // md5 hash

The feature is currently undocumented, but it will be fixed at release time; this is the function signature:

 openssl_x509_fingerprint($cert [, $hash_method = "sha1" [, $raw_output = false ] ] )
+1
source

Based on your info, I wrote a tiny certificate viewer in PHP

Use as a starting point to bake your own viewer.

0
source

Source: https://habr.com/ru/post/891019/

More articles:


All Articles