Edit report at https://bugs.php.net/bug.php?id=53785&edit=1
ID: 53785
Comment by: msn at searchy dot nl
Reported by: BenBE at geshi dot org
Summary: Way to query a X.509 certificate fingerprint
Status: Open
Type: Feature/Change Request
Package: OpenSSL related
Operating System: Debian
PHP Version: 5.3.5
Block user comment: N
Private report: N
New Comment:
The fingerprint is nothing more than the md5 or sha1 sum of the certificate.
When you take ther certificate, strip it of the begin and end tag, base64
decode the content and md5 that, you'll get the fingerprint.
Sample code:
$newcert = preg_replace("/-----BEGIN CERTIFICATE-----|-----END
CERTIFICATE-----/","",$cert);
$b64 = base64_decode($newcert);
echo "MD5 fingerprint: " . md5($b64) . "\n";
Previous Comments:
------------------------------------------------------------------------
[2011-01-19 06:38:49] BenBE at geshi dot org
Description:
------------
When reading a X.509 certificate file (or fetching the certificate from an SSL
connection) there is no straight forward way to query the certificate's
fingerprint as shown by browsers when viewing the site's certificate.
The output of openssl_x509_parse doesn't contain the fingerprint while
openssl_x509_export might contain it in a hard to parse string representation.
------------------------------------------------------------------------
--
Edit this bug report at https://bugs.php.net/bug.php?id=53785&edit=1
