php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #81528 Support multiple peer_fingerprint values per algorithm
Submitted: 2021-10-16 00:54 UTC Modified: 2021-10-16 01:12 UTC
From: david at mandelberg dot org Assigned:
Status: Open Package: OpenSSL related
PHP Version: master-Git-2021-10-16 (Git) OS:
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: david at mandelberg dot org
New email:
PHP Version: OS:

 

 [2021-10-16 00:54 UTC] david at mandelberg dot org 
Description:
------------
Would it be possible to extend peer_fingerprint from https://www.php.net/manual/en/context.ssl.php to support an array of multiple fingerprints per algorithm, instead of just one? I don't currently see a way to configure secure certificate verification for a redundant service (where each server has its own certificate) without using a CA.

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2021-10-16 01:10 UTC] requinix@php.net 
Or easier, change the array form to support non-string keys (or ignore keys entirely) and instead deduce algorithm by the length - like it already does for the string form.
 [2021-10-16 01:12 UTC] david at mandelberg dot org 
I don't think deducing the algorithm from the length is a good idea long-term, because there are multiple good algorithms with the same output length. E.g., SHA-256 and SHA3-256.
 [2023-07-19 11:30 UTC] kjshelen34 at gmail dot com 
That was so amazing.
(https://github.com)(https://www.tellpopeyes.biz/)
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Fri May 09 09:01:26 2025 UTC