php curl certificate: curlopt_certinfo: where is serial number hiding?

Question

Curl and the output: can't find the serial number of the certificate.

<?php
$curl = curl_init('https://www.comodo.com/');

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_NOBODY, true);
curl_setopt($curl, CURLOPT_CERTINFO, true);
curl_setopt($curl, CURLOPT_VERBOSE, 1);



curl_exec($curl);

$info = curl_getinfo($curl);
$certs = $info["certinfo"];
?> <pre><?php echo var_dump($certs) ?></pre>

where is the certificate serial number hiding? can't find it in this example answer should be: 26:32:AC:57:23:86:91:BB:D5:88:D3:D8:E9:DA:0B:4E

note: other variables of the certificate are retrieved, except doesn't look like it includes certificate serial number.

possible duplicate of [How to get SSL certificate info with CURL in PHP?](http://stackoverflow.com/questions/3081042/how-to-get-ssl-certificate-info-with-curl-in-php) — René Höhle, Feb 14 '15 at 10:38
@Stony: I think the question was straightforward, cert_info does not appear to retrieve serial number of certificate. is that clear enough? — John, Feb 14 '15 at 11:04

score 1 · Accepted Answer · edited May 23 '17 at 12:12

Here's one solution. Curl provides access to the original Base64-encoded certificate, so you can parse it using openssl_x509_parse() to obtain the serial number as an integer string:

<?php
$curl = curl_init('https://www.comodo.com/');

curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_NOBODY, true);
curl_setopt($curl, CURLOPT_CERTINFO, true);
curl_setopt($curl, CURLOPT_VERBOSE, 1);
curl_exec($curl);

$certInfo   = curl_getinfo($curl, CURLINFO_CERTINFO);
$rawCert    = $certInfo[0]['Cert'];
$parsedCert = openssl_x509_parse($rawCert);
$serialNum  = $parsedCert['serialNumber'];

var_dump($serialNum);

This will output:

string(38) "50773774161050170991724859325180152654"

This is too large for dechex() to convert to hex. Instead, you could use this code which requires the BCMath extension:

function bcdechex($dec)
{
    $hex = '';
    do {
        $last = bcmod($dec, 16);
        $hex = dechex($last) . $hex;
        $dec = bcdiv(bcsub($dec, $last), 16);
    } while ($dec > 0);
    return $hex;
}

$serialNumHex = bcdechex($serialNum);
$serialNumHex = chunk_split($serialNumHex, 2, ':');
$serialNumHex = trim($serialNumHex, ':');

var_dump($serialNumHex);

This will output:

string(47) "26:32:ac:57:23:86:91:bb:d5:88:d3:d8:e9:da:0b:4e"

php curl certificate: curlopt_certinfo: where is serial number hiding?

1 Answers1