Is it possible to read SSL information in PHP from any website?

Question

I want to know is it possible to read information from other parties using PHP about their SSL certificate information, I've tried to find about it for ages but there's no real answer that has been found for me.

For example, I input "www.paypal.com" into the script and it will return the following:

Authority: VeriSign, Inc
Expires: 18th February 2011 (18/02/11)
Type: Extended Validation
Host: www.paypal.com
MD5: a8e7o7a8e9e9
SHA1: c2a4a1e4e3a2

And, whatever else is possible to obtain. I would like the script in PHP please.

See http://stackoverflow.com/questions/3081042/how-to-get-ssl-certificate-info-with-curl-in-php/3081093#3081093 — Artefacto, Aug 12 '10 at 10:28

score 7 · Answer 1 · answered Sep 28 '10 at 21:12

<?php
$g = stream_context_create (array("ssl" => array("capture_peer_cert" => true)));
$r = stream_socket_client("ssl://www.google.com:443", $errno, $errstr, 30,
    STREAM_CLIENT_CONNECT, $g);
$cont = stream_context_get_params($r);
print_r( openssl_x509_parse($cont["options"]["ssl"]["peer_certificate"]) );
?>

Saddam H · Answer 2 · 2017-09-08T11:59:00.277

I have written a PHP class for getting SSL information:

class SSL {

    public $domain, $validFrom, $validTo, $issuer, $validity, $validitytot, $crtValRemaining;

    private static function instantiate($url, $info) {
        $obj = new static;
        $obj->domain = $url;
        $obj->validFrom = $info['validFrom'];
        $obj->validTo = $info['validTo'];
        $obj->issuer = $info['issuer'];
        $obj->validity = $info['validity'];
        $obj->validitytot = $info['validitytot'];
        $obj->crtValRemaining = $info['crtValRemaining'];

        return $obj;
    }

    public static function getSSLinfo($url) {
        $ssl_info = [];
        $certinfo = static::getCertificateDetails($url);
        $validFrom_time_t_m = static::dateFormatMonth($certinfo['validFrom_time_t']);
        $validTo_time_t_m = static::dateFormatMonth($certinfo['validTo_time_t']);

        $validFrom_time_t = static::dateFormat($certinfo['validFrom_time_t']);
        $validTo_time_t = static::dateFormat($certinfo['validTo_time_t']);
        $current_t = static::dateFormat(time());

        $ssl_info['validFrom'] = $validFrom_time_t_m;
        $ssl_info['validTo'] = $validTo_time_t_m;
        $ssl_info['issuer'] = $certinfo['issuer']['O'];

        $ssl_info['validity'] = static::diffDate($current_t, $validTo_time_t)." days";
        $ssl_info['validitytot'] = (static::diffDate($validFrom_time_t, $validTo_time_t)-1).' days';

        $ssl_info['crtValRemaining'] =$certinfo['validTo_time_t'];

        return static::instantiate($url, $ssl_info); // return an object
    }

    private static function getCertificateDetails($url) {
        $urlStr = strtolower(trim($url)); 

        $parsed = parse_url($urlStr);// add http://
        if (empty($parsed['scheme'])) {
            $urlStr = 'http://' . ltrim($urlStr, '/');
        }
        $orignal_parse = parse_url($urlStr, PHP_URL_HOST);
        $get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE)));
        $read = stream_socket_client("ssl://".$orignal_parse.":443", $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
        $cert = stream_context_get_params($read);
        $certinfo = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
        return $certinfo;
    }

    private static function dateFormat($stamp) {
        return  strftime("%Y-%m-%d", $stamp);
    }

    private static function dateFormatMonth($stamp) {
        return  strftime("%Y-%b-%d", $stamp);
    }

    private static function diffDate($from, $to) {
        $date1=date_create($from);
        $date2=date_create($to);
        $diff=date_diff($date1,$date2);
        return ltrim($diff->format("%R%a"), "+");
    }

}

EX:

$certInfo = SSL::getSSLinfo('stackoverflow.com'); 
echo $certInfo->validFrom .'<br>';
echo $certInfo->validTo .'<br>';
echo $certInfo->issuer .'<br>';
echo $certInfo->validity .'<br>';
echo $certInfo->validitytot .'<br>';
echo $certInfo->crtValRemaining .'<br>';

[Make sure you understand the "instantiate" method inside SSL class]. Thank you...

This should be the accepted answer - this works for all test cases for me — Arthur, Oct 17 '17 at 03:33
required a lot of recoding for me to suit my taste and application... but this got me there! +1 — aequalsb, Feb 15 '23 at 21:32

score 2 · Answer 3 · answered Aug 12 '10 at 01:59

2

PHP's OpenSSL functions like openssl_x509_parse should help you out.

answered Aug 12 '10 at 01:59

bcosca

17,371
5
40
51

How would I build it to read from a site's SSL information? I don't know how to obtain SSL information from a third party website. – Bilawal Hameed Aug 12 '10 at 05:01
The bad thing about this function is that PHP has a remote code execution vulnerability in older versions before 5.6, identified as CVE-2013-6420. See https://github.com/composer/ca-bundle/blob/master/src/CaBundle.php#L184 for the complicated way Composer tries to identify if the PHP it is running on is safe. – Sven Jul 11 '16 at 13:51

Is it possible to read SSL information in PHP from any website?

3 Answers3

Linked