Documentation

Ssl
in package

FinalYes

SSL utilities for Requests

Collection of utilities for working with and verifying SSL certificates.

Table of Contents

Methods

match_domain()  : bool
Match a hostname against a dNSName reference
verify_certificate()  : bool
Verify the certificate against common name and subject alternative names
verify_reference_name()  : bool
Verify that a reference name is valid

Methods

match_domain()

Match a hostname against a dNSName reference

public static match_domain(string|Stringable $host, string|Stringable $reference) : bool
Parameters
$host : string|Stringable

Requested host

$reference : string|Stringable

dNSName to match against

Tags
throws
InvalidArgument

When either of the passed arguments is not a string or a stringable object.

Return values
bool

Does the domain match?

verify_certificate()

Verify the certificate against common name and subject alternative names

public static verify_certificate(string|Stringable $host, array<string|int, mixed> $cert) : bool

Unfortunately, PHP doesn't check the certificate against the alternative names, leading things like 'https://www.github.com/' to be invalid.

Parameters
$host : string|Stringable

Host name to verify against

$cert : array<string|int, mixed>

Certificate data from openssl_x509_parse()

Tags
link

RFC2818, Section 3.1

throws
InvalidArgument

When the passed $host argument is not a string or a stringable object.

throws
InvalidArgument

When the passed $cert argument is not an array or array accessible.

Return values
bool

verify_reference_name()

Verify that a reference name is valid

public static verify_reference_name(string|Stringable $reference) : bool

Verifies a dNSName for HTTPS usage, (almost) as per Firefox's rules:

  • Wildcards can only occur in a name with more than 3 components
  • Wildcards can only occur as the last character in the first component
  • Wildcards may be preceded by additional characters

We modify these rules to be a bit stricter and only allow the wildcard character to be the full first component; that is, with the exclusion of the third rule.

Parameters
$reference : string|Stringable

Reference dNSName

Tags
throws
InvalidArgument

When the passed argument is not a string or a stringable object.

Return values
bool

Is the name valid?


        
On this page

Search results