• PHP. Как чекнуть наличиет SSL-сертификата у стороннего сайта?

    BuriK666
    @BuriK666
    Компьютерный псих
    Можно попробовать распарсить вывод openssl
    openssl s_client -showcerts -servername toster.ru -verify_hostname toster.ru -connect toster.ru:443  < /dev/null

    Результат будет примерно такой:
    CONNECTED(00000003)
    ---
    Certificate chain
    0 s:/OU=Domain Control Validated/OU=PositiveSSL/CN=toster.ru
    i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
    -----BEGIN CERTIFICATE-----
    MIIFQDCCBCigAwIBAgIRAPDn9ZEejZ7+3m2TPRxPF7swDQYJKoZIhvcNAQELBQAw
    gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
    BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
    VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
    Q0EwHhcNMTYwOTEzMDAwMDAwWhcNMTkxMDAzMjM1OTU5WjBNMSEwHwYDVQQLExhE
    b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRIw
    EAYDVQQDEwl0b3N0ZXIucnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
    AQDOwVtxFIzRSHQcZ/JmtpmreyJFyd9X1OQBKbC9oY+bgHS7m57U+JBnljNfJYIg
    RC+PntX5Oilx9fPQWWPpWGNQu2yu8ozfCM+fTkrtGFwUPR1/WGko5o980iccAX7P
    ajepkBQmzKDaPuueMMVMKuPddTe6cQq8TkLnLccfcSkwMIeJVjUYr98V+DiPGvVD
    RkK/8S8QITrrUusmM22F0rFttsG0Oak0vmpmjo5JkCYseBXkOF5jrfhlIeeTM7QE
    SFByyZxlEo8Z4iQVD5a/qnGi6N5hQnFshh6pnKcWjRI88X/KdSWFwSpxOp1oM/9I
    z/qFGjZFIA7IQ31GVNmi7LxFAgMBAAGjggHVMIIB0TAfBgNVHSMEGDAWgBSQr2o6
    lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUEpdjV59WrQf56ETch4Wa1qAtN4kw
    DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
    AwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcwKzApBggrBgEF
    BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMFQG
    A1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JT
    QURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYUGCCsGAQUFBwEB
    BHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RP
    UlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcw
    AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCMGA1UdEQQcMBqCCXRvc3Rlci5y
    dYINd3d3LnRvc3Rlci5ydTANBgkqhkiG9w0BAQsFAAOCAQEAPkxyf8ECsIzyinFE
    KCitLjOfasSey098/ZZWtjeAhJoZ5MydS+GXqeXsT4r/0CnR8Nj/AX3qi4+00lrB
    uRpJWj3o2qbDY6nRnu1IqfChgNh6cmgMmceSw0JmnsyS3Um0vUgG6sYez8D4LShy
    4SA/E30V49fxDgqGW2svXc2TSQZ0lWjgu5/IZzcef6q5sCNZk7CbaYNqvc0DxKag
    8ba+a3xHdxxQCzx1saIcRqb5vxxnBgU/HKX5a7uOlQBhkUt4NWWwcmlSHYFKMTFY
    Zqt3DIdj25F22Nfsin7e1IYqxCe0n5fAqw0ak36DtCiZ/g9Xaw0/+UYTQK2SSASU
    jnoyoQ==
    -----END CERTIFICATE-----
    1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
    i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
    -----BEGIN CERTIFICATE-----
    MIIGCDCCA/CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
    hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
    A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
    BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
    MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
    EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
    Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
    bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
    ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
    bXcDow+G+eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
    Qa4Al/e+Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo/uLQeTnaG6
    ytHNe+nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM/06RQ1A/WZMebFEh7lgUq/51
    UHg+TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
    c13cRTCAquOyQQuvvUSH2rnlG51/ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
    MBaAFLuvfgI9+qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
    30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH/BAgwBgEB/wIBADAdBgNV
    HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
    BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
    bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
    AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
    T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
    ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk+SHGI2ibp3wScF9BzWRJ2p
    mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg/3kCDKo2cuH1Z/
    e+FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
    P0/HEZrIqPW1N+8QRcZs2eBelSaz662jue5/DJpmNXMyYE7l3YphLG5SEXdoltMY
    dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
    2bXhc3js9iPc0d1sjhqPpepUfJa3w/5Vjo1JXvxku88+vZbrac2/4EjxYoIQ5QxG
    V/Iz2tDIY+3GH5QFlkoakdH368+PUq4NCNk+qKBR6cGHdNXJ93SrLlP7u3r7l+L4
    HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ//u+aen/e7KJD2AFsQX
    j4rBYKEMrltDR5FL1ZoXX/nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
    0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
    lBlGGSW4gNfL1IYoakRwJiNiqZ+Gb7+6kHDSVneFeO/qJakXzlByjAA6quPbYzSf
    +AZxAeKCINT+b72x
    -----END CERTIFICATE-----
    2 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
    i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
    -----BEGIN CERTIFICATE-----
    MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv
    MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
    ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
    eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
    gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
    BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
    VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq
    hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw
    AHG8U9/E+ioSj0t/EFa9n3Byt2F/yUsPF6c947AEYe7/EZfH9IY+Cvo+XPmT5jR6
    2RRr55yzhaCCenavcZDX7P0N+pxs+t+wgvQUfvm+xKYvT3+Zf7X8Z0NyvQwA1onr
    ayzT7Y+YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt
    4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq
    m1y9TBsoilwie7SrmNnu4FGDwwlGTm0+mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g/
    vOldxJuvRZnio1oktLqpVj3Pb6r/SVi+8Kj/9Lit6Tf7urj0Czr56ENCHonYhMsT
    8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO/bTouJbt7IE
    IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa/oKMoYX9w0MOiqiwhqkfO
    KJwGRXa/ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj/QN370EKIf6MzOi5cHkERgWPO
    GHFrK+ymircxXDpqR+DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy/
    s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9/rEJlTvA73g
    JMtUGjAdBgNVHQ4EFgQUu69+Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH/BAQD
    AgGGMA8GA1UdEwEB/wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9
    MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy
    bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6
    Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS/g/FfmoXQ
    zbihKVcN6Fr30ek+8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj
    Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o+tDb5VCViLvfhVdpfZLY
    Uspzgb8c8+a4bmYRBbMelC1/kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5
    B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI/V5eu+MtWuLt29G9Hvx
    PUsE2JOAWVrgQSQdso8VYFhH2+9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR
    pu/xO28QOG8=
    -----END CERTIFICATE-----
    ---
    Server certificate
    subject=/OU=Domain Control Validated/OU=PositiveSSL/CN=toster.ru
    issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
    ---
    No client certificate CA names sent
    Peer signing digest: SHA512
    Server Temp Key: ECDH, P-256, 256 bits
    ---
    SSL handshake has read 4976 bytes and written 452 bytes
    ---
    New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
    Server public key is 2048 bit
    Secure Renegotiation IS supported
    Compression: NONE
    Expansion: NONE
    No ALPN negotiated
    SSL-Session:
    Protocol : TLSv1.2
    Cipher : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: EDD7BAA05F548B6A3BC8F19F9C28E5414677B830CEE811E66178B36D57E6FCFB
    Session-ID-ctx:
    Master-Key: 036ABEA2843584444AB8E46CDDA2AAC06630FBFCFD60A236664E7A55511F1D6A05F910F438D4B2EA56F6CCCFC9484853
    Key-Arg : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 600 (seconds)
    TLS session ticket:
    0000 - f9 98 a7 5f 94 07 d8 2f-02 23 ed d3 ae 00 da 55 ..._.../.#.....U
    0010 - 6d 9d 9e ea 5a 0f 08 7c-47 30 55 a4 55 b4 a5 f9 m...Z..|G0U.U...
    0020 - bd e3 8f 58 03 6e cc 6b-03 14 b3 91 de 69 c5 77 ...X.n.k.....i.w
    0030 - 8e c2 b1 38 da a9 49 81-35 fc 71 27 32 43 88 5a ...8..I.5.q'2C.Z
    0040 - 7c 7f 71 c7 16 ba a6 a0-cc 97 ce 07 94 95 5f ce |.q..........._.
    0050 - 48 d5 16 1f b0 71 76 3f-c2 ea 6d 2b 0b 3e 27 8d H....qv?..m+.>'.
    0060 - 78 98 80 e3 68 02 a5 e8-ad f2 eb 02 5b ff 82 2d x...h.......[..-
    0070 - 21 e5 7b d2 2b 70 de 27-28 0f 70 b9 8e 81 2f 93 !.{.+p.'(.p.../.
    0080 - 68 0f 29 77 63 01 28 6b-37 e6 56 c3 23 85 b3 4d h.)wc.(k7.V.#..M
    0090 - 13 37 27 02 96 b5 6b e1-0e 43 2e 13 f9 48 79 1b .7'...k..C...Hy.
    00a0 - dd 82 5f 71 e5 a0 ff e4-4c f0 aa 64 d7 68 ba 3f .._q....L..d.h.?

    Start Time: 1476978798
    Timeout : 300 (sec)
    Verify return code: 0 (ok)
    ---
    Ответ написан
    Комментировать