How to pass client certificate in PHP?

Y

Yakov Akulov2014-06-26 09:19:44

PHP

Yakov Akulov, 2014-06-26 09:19:44

I'm trying to make authorization by self-signed certificates in my API.
I got to checking the certificate on the server and hung a little. I wanted to check certificates at the PHP level via OpenSSL, but I can't pass the necessary fastcgi_param via nginx. (there are no certificates sent by the client in $_SERVER)
I found a bunch of articles on how to check at the nginx level, but not a single one on how to simply pass certificates to PHP.
On the client side, I transfer client certificates signed by the server via curl like this:

$opts[CURLOPT_CAPATH] = '';
$opts[CURLOPT_CAINFO] = realpath(SRC_DIR .'/../etc/ssl/root_CA.crt');
$opts[CURLOPT_SSLCERT] = realpath(SRC_DIR .'/../etc/ssl/client.crt');
$opts[CURLOPT_SSLCERTPASSWD] = '';
$opts[CURLOPT_SSLKEY] = realpath(SRC_DIR .'/../etc/ssl/client.key');

plus add

CURLOPT_SSL_VERIFYHOST => 0,
CURLOPT_SSL_VERIFYPEER => 0,

Tell me, is it possible on nginx to do without checking the certificate at the web server level and transfer them to FastCGI - I did not find it in mana.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

I

Igor, 2014-06-26
@merryjane

In nginx, try installing:
Also look at the variables for the ngx_http_ssl_module module:
nginx.org/ru/docs/http/ngx_http_ssl_module.html
You can try to get the necessary information from them.