I'm getting almost everything I want but can't figure out how to get
the X509 signature algorithm so I can check for md5 badness. Any help?
Here's my test php:
<?php
$mode = "ssl";
$host = "pop.gmail.com";
$port = 995;
$ca_roots = 'CertificateStore.pem';
$site_cert = NULL;
$context = stream_context_create();
$result = stream_context_set_option($context, $mode, 'cafile',
$ca_roots);
$result = stream_context_set_option($context, $mode, 'verify_peer',
true);
$result = stream_context_set_option($context, $mode,
'capture_peer_cert', true);
if ($fp = stream_socket_client($mode.'://'.$host.':'.$port.'/',
$errno, $errstr, 30, STREAM_CLIENT_CONNECT, $context)) {
if ($options = stream_context_get_options($context)) {
var_dump($options);
if (isset($options[$mode]) && isset($options[$mode]
['peer_certificate'])) {
$site_cert = $options[$mode]['peer_certificate'];
}
}
fclose($fp);
}
if ($site_cert) {
openssl_x509_export($site_cert, $str_cert, true);
echo "Exported:<br>\n";
print_r($str_cert);
echo "Read:<br>\n";
echo openssl_x509_read($site_cert);
echo "Parse:<br>\n";
$ssl = openssl_x509_parse($site_cert, true);
print_r($ssl);
$pubkey = openssl_pkey_get_public($str_cert);
$keyinfo = openssl_pkey_get_details($pubkey);
var_dump($keyinfo);
}
?>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
