To get the real timestamps as integer values for the validity daterange you can use as follows:
<?php
$data = openssl_x509_parse(file_get_contents('/path/to/cert.crt'));
$validFrom = date('Y-m-d H:i:s', $data['validFrom_time_t']);
$validTo ) date('Y-m-d H:i:s', $data['validTo_time_t']);
echo $validFrom . "\n";
echo $validTo . "\n";
?>
PHP - Manual: openssl_x509_read
2024-04-28
openssl_x509_read
(PHP 4 >= 4.0.6, PHP 5, PHP 7, PHP 8)
openssl_x509_read — 解析一个x.509证书并返回一个资源标识符
说明
openssl_x509_read() 解析x509certdata提供的证书,并返回一个资源标识符。
返回值
成功,返回一个资源标识符, 或者在失败时返回 false.
add a note
User Contributed Notes 3 notes
marc theat nwd thedot mx ¶
11 years ago
Anonymous ¶
19 years ago
After some tests I've been able to get some results this way ...
<?php
$fp = fopen("/etc/httpd/conf/ssl/moncertif.crt", "r");
$cert = fread($fp, 8192);
fclose($fp);
echo "Read<br>";
echo openssl_x509_read($cert);
echo "<br>";
echo "*********************";
echo "<br>";
echo "Parse<br>";
print_r(openssl_x509_parse($cert));
/*
// or
print_r(openssl_x509_parse( openssl_x509_read($cert) ) );
*/
?>
enjoy
;)
anthony dot whitehead at rfv dot sfa dot se ¶
19 years ago
Short HOWTO for getting data out of a client certificate via an SSL enabled iPlanet (Netscape Enterprise or Sun ONE) web server.
The iPlanet server sets $_SERVER["CLIENT_CERT"] whenever a client authenticates with a certificate. This variable contains an encoded representation of the certificate presented by the client. This in itself is useless to scripts or applications, we need to extract the actual information from the encoding. It turns out that we are in luck, the encoding is NEARLY a standard PEM encoding which can be read by the openssl_x509_read() function. A standard PEM has a begin line, an end line and inbetween is a base64 encoding of the DER representation of the certificate. PEM requires that linefeeds be present every 64 characters, however this is already the case with our CLIENT_CERT variable. For some reason the iPlanet server neglects to attach the begin and end headers, all that is required to allow access to the certificate is replacing these headers. Here is a small code excerpt for doing just that and printing out the raw certificate data.
<?php
$beginpem = "-----BEGIN CERTIFICATE-----\n";
$endpem = "-----END CERTIFICATE-----\n";
// Small function to print the data recursivly.
function print_element($item, $key)
{
if( is_array( $item ) )
{
echo "$key is Array:\n";
array_walk( $item, 'print_element' );
echo "$key done\n";
}
else
echo "$key = $item\n";
}
// Build the PEM string.
$pemdata = $beginpem.$_SERVER["CLIENT_CERT"]."\n".$endpem;
// Get a certificate resource from the PEM string.
$cert = openssl_x509_read( $pemdata );
// Parse the resource and print out the contents.
$cert_data = openssl_x509_parse( $cert );
array_walk( $cert_data, 'print_element' );
// Free the resource
openssl_x509_free( $cert );
?>
官方地址:https://www.php.net/manual/en/function.openssl-x509-read.php
IT
PHP
编程语言
Linux
科技
开发编程
Elasticsearch
HTML/CSS/XML
网络
JAVA
NoSQL
C/C++
面试
Golang
数据库
Git
算法
正则表达式
操作系统
Redis
互联网
MySql
JavaScript
运维
软件
架构设计
Mac OS
TCP/IP
国际
Excel
Vim
Windows
Socket
Oracle
VR
MongoDB
运营
Python
MemCache
商业
硬件
电子
设计
nginx
娱乐
摄影
游戏
WordPress
HTTP
团建
数码电器
广告
广告
php7 安装fileinfo扩展
preg_split — 通过一个正则表达式分隔字符串
[PHP] inet_pton/inet_ntop IP地址转换函数
php位值,解决 PHP 中 usort 在值相同时改变原始位置的问题
PHPMailer设置utf8 PHPMailer字符集CharSet
如何在Composer中为GitLab实例设置访问令牌
array_multisort() 多字段排序
laravel框架查看sql语句方式
[原创]诡异的php-fpm超时问题
PHP获取指定函数定义在哪个文件中及行号
利用php soap实现web service
php设置cookie为httponly防止xss攻击
PHP5 扩展SOAP 调用 webservice
PHP-FPM进程数的设定
PHP7添加redis扩展
adodb手册
ADOConnection 公用函数
利用PHP SOAP实现WEB SERVICE
Composer的Packagist资源
PHPstorm 里面Terminal 不能使用 esc键吗退出编辑模式吗