|
|
php.net | support | documentation | report a bug | advanced search | search howto | statistics | random bug | login |
[2011-01-19 06:38 UTC] BenBE at geshi dot org
Description: ------------ When reading a X.509 certificate file (or fetching the certificate from an SSL connection) there is no straight forward way to query the certificate's fingerprint as shown by browsers when viewing the site's certificate. The output of openssl_x509_parse doesn't contain the fingerprint while openssl_x509_export might contain it in a hard to parse string representation. PatchesPull RequestsHistoryAllCommentsChangesGit/SVN commits
|
|||||||||||||||||||||||||||||||||||||
Copyright © 2001-2025 The PHP GroupAll rights reserved. |
Last updated: Mon Oct 27 02:00:01 2025 UTC |
The fingerprint is nothing more than the md5 or sha1 sum of the certificate. When you take ther certificate, strip it of the begin and end tag, base64 decode the content and md5 that, you'll get the fingerprint. Sample code: $newcert = preg_replace("/-----BEGIN CERTIFICATE-----|-----END CERTIFICATE-----/","",$cert); $b64 = base64_decode($newcert); echo "MD5 fingerprint: " . md5($b64) . "\n";