Edit report at https://bugs.php.net/bug.php?id=55618&edit=1
ID: 55618 Updated by: cataphr...@php.net Reported by: fkooman at tuxed dot net Summary: CN_match case insenstive compare Status: Open Type: Bug Package: OpenSSL related PHP Version: trunk-SVN-2011-09-06 (SVN) Block user comment: N Private report: N New Comment: I wouldn't be comfortable using a locale dependent function like strcasecmp() for something as matching names. Previous Comments: ------------------------------------------------------------------------ [2011-09-06 09:05:54] fkooman at tuxed dot net Description: ------------ CN_match does a case sensitive match to compare the name in the certificate with the name specified in the context. It should be a case insensitive match. Test script: --------------- <?php $uri = 'https://ib-groep.nl/'; $hostname = 'ib-groep.nl'; $context = stream_context_create(array( 'ssl' => array( 'verify_peer' => TRUE, 'allow_self_signed' => FALSE, 'cafile' => '/etc/pki/tls/certs/ca-bundle.trust.crt', 'CN_match' => $hostname ) )); $web_content = file_get_contents($uri, FALSE, $context); ?> Expected result: ---------------- The script should not throw any warning and fill $web_content with the data from the website. Actual result: -------------- PHP Warning: file_get_contents(): Peer certificate CN=`IB-Groep.nl' did not match expected CN=`ib-groep.nl' in /home/fkooman/test.php on line 20 ------------------------------------------------------------------------ -- Edit this bug report at https://bugs.php.net/bug.php?id=55618&edit=1
