SSL utilities for Requests

Collection of utilities for working with and verifying SSL certificates.

package Requests
subpackage Utilities

 Methods

Match a hostname against a dNSName reference

match_domain(string $host, string $reference) : boolean
Static

Parameters

$host

string

Requested host

$reference

string

dNSName to match against

Returns

booleanDoes the domain match?

Verify the certificate against common name and subject alternative names

verify_certificate(string $host, array $cert) : boolean
Static

Unfortunately, PHP doesn't check the certificate against the alternative names, leading things like 'https://www.github.com/' to be invalid. Instead

see RFC2818, Section 3.1

Parameters

$host

string

Host name to verify against

$cert

array

Certificate data from openssl_x509_parse()

Exceptions

\Requests_Exception On not obtaining a match for the host (`fsockopen.ssl.no_match`)

Returns

boolean

Verify that a reference name is valid

verify_reference_name(string $reference) : boolean
Static

Verifies a dNSName for HTTPS usage, (almost) as per Firefox's rules:

  • Wildcards can only occur in a name with more than 3 components
  • Wildcards can only occur as the last character in the first component
  • Wildcards may be preceded by additional characters

We modify these rules to be a bit stricter and only allow the wildcard character to be the full first component; that is, with the exclusion of the third rule.

Parameters

$reference

string

Reference dNSName

Returns

booleanIs the name valid?