Hi All,

         I'm a PHP newbie and Im really having difficulty with client-server
certificate validation using Openssl and PHP. If somehow you know of a
tutorial, a website or sample PHP codes that checks (expired, revoked) and
validates client certificates, it would be of great help.

        I already tried using $_SERVER variable and I was able to extract
the infos on the certificate and simply compare the dates for expiration and
the other parts for validation but I know this is a bad idea. That it would
be a good practice to use PHPs openssl functions instead.

Here's my code:


echo "CLIENT <br>";
echo "Issuer: " . $_SERVER['SSL_CLIENT_I_DN'];
echo "<br>";
echo "Subject: " . $_SERVER['SSL_CLIENT_S_DN'];
echo "<br>";
echo "Validity Start: " . $_SERVER['SSL_CLIENT_V_START'];
echo "<br>";
echo "Validity End: " . $_SERVER['SSL_CLIENT_V_END'];

echo "<br><br> SERVER <br>";
echo "Issuer: " . $_SERVER['SSL_SERVER_I_DN'];
echo "<br>";
echo "Subject: " . $_SERVER['SSL_SERVER_S_DN'];
echo "<br>";
echo "Validity Start: " . $_SERVER['SSL_SERVER_V_START'];
echo "<br>";
echo "Validity End: " . $_SERVER['SSL_SERVER_V_END'];

--- then comparisons occur next -------


Please help  me...


PS. By the way, we converted our client certificates to PKCS#12 certificates

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to