Hi All,
I'm a PHP newbie and Im really having difficulty with client-server
certificate validation using Openssl and PHP. If somehow you know of a
tutorial, a website or sample PHP codes that checks (expired, revoked) and
validates client certificates, it would be of great help.
I already tried using $_SERVER variable and I was able to extract
the infos on the certificate and simply compare the dates for expiration and
the other parts for validation but I know this is a bad idea. That it would
be a good practice to use PHPs openssl functions instead.
Here's my code:
<?php
echo "CLIENT <br>";
echo "Issuer: " . $_SERVER['SSL_CLIENT_I_DN'];
echo "<br>";
echo "Subject: " . $_SERVER['SSL_CLIENT_S_DN'];
echo "<br>";
echo "Validity Start: " . $_SERVER['SSL_CLIENT_V_START'];
echo "<br>";
echo "Validity End: " . $_SERVER['SSL_CLIENT_V_END'];
echo "<br><br> SERVER <br>";
echo "Issuer: " . $_SERVER['SSL_SERVER_I_DN'];
echo "<br>";
echo "Subject: " . $_SERVER['SSL_SERVER_S_DN'];
echo "<br>";
echo "Validity Start: " . $_SERVER['SSL_SERVER_V_START'];
echo "<br>";
echo "Validity End: " . $_SERVER['SSL_SERVER_V_END'];
--- then comparisons occur next -------
?>
Please help me...
TIA,
Richard
PS. By the way, we converted our client certificates to PKCS#12 certificates
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
