Edit report at https://bugs.php.net/bug.php?id=53785&edit=1
ID: 53785
Updated by: m...@php.net
Reported by: BenBE at geshi dot org
Summary: Way to query a X.509 certificate fingerprint
-Status: Open
+Status: Closed
Type: Feature/Change Request
Package: OpenSSL related
Operating System: Debian
PHP Version: 5.3.5
-Assigned To:
+Assigned To: mike
Block user comment: N
Private report: N
New Comment:
Feature by Tjerk Meesters in master.
Previous Comments:
------------------------------------------------------------------------
[2012-01-27 09:29:41] msn at searchy dot nl
The fingerprint is nothing more than the md5 or sha1 sum of the certificate.
When you take ther certificate, strip it of the begin and end tag, base64
decode the content and md5 that, you'll get the fingerprint.
Sample code:
$newcert = preg_replace("/-----BEGIN CERTIFICATE-----|-----END
CERTIFICATE-----/","",$cert);
$b64 = base64_decode($newcert);
echo "MD5 fingerprint: " . md5($b64) . "\n";
------------------------------------------------------------------------
[2011-01-19 06:38:49] BenBE at geshi dot org
Description:
------------
When reading a X.509 certificate file (or fetching the certificate from an SSL
connection) there is no straight forward way to query the certificate's
fingerprint as shown by browsers when viewing the site's certificate.
The output of openssl_x509_parse doesn't contain the fingerprint while
openssl_x509_export might contain it in a hard to parse string representation.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=53785&edit=1
