PHP. How to check if a third-party site has an SSL certificate?

D

Demon1X2016-10-20 18:23:45

API

Demon1X, 2016-10-20 18:23:45

Task. The user enters the site address into the form. My php script needs to find out if this site has an SSL certificate. If there is, it determines: the type of certificate, by whom it was issued, and for how long.
The first thing that comes to mind is to make a request to some https://sslanalyzer.comodoca.com and then parse the result.
But is there any other way to do it faster and more gracefully? For example, check the site using php itself, or get information using some third-party APIs?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Andrey Burov, 2016-10-20
@BuriK666

You can try to parse the output of openssl
The result will be something like this:

CONNECTED(00000003)
---
Certificate chain
0 s:/OU=Domain Control Validated/OU=PositiveSSL/CN=toster.ru
i:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/ COMODO RSA = CN Domain Secure Validation Server CA
----- ----- BEGIN CERTIFICATE
MIIFQDCCBCigAwIBAgIRAPDn9ZEejZ7 + 3m2TPRxPF7swDQYJKoZIhvcNAQELBQAw
gZAxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMTYwNAYD
VQQDEy1DT01PRE8gUlNBIERvbWFpbiBWYWxpZGF0aW9uIFNlY3VyZSBTZXJ2ZXIg
Q0EwHhcNMTYwOTEzMDAwMDAwWhcNMTkxMDAzMjM1OTU5WjBNMSEwHwYDVQQLExhE
b21haW4gQ29udHJvbCBWYWxpZGF0ZWQxFDASBgNVBAsTC1Bvc2l0aXZlU1NMMRIw
EAYDVQQDEwl0b3N0ZXIucnUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDOwVtxFIzRSHQcZ / JmtpmreyJFyd9X1OQBKbC9oY + bgHS7m57U JBnljNfJYIg +
RC + + PntX5Oilx9fPQWWPpWGNQu2yu8ozfCM fTkrtGFwUPR1 / WGko5o980iccAX7P
ajepkBQmzKDaPuueMMVMKuPddTe6cQq8TkLnLccfcSkwMIeJVjUYr98V + DiPGvVD
RkK / 8S8QITrrUusmM22F0rFttsG0Oak0vmpmjo5JkCYseBXkOF5jrfhlIeeTM7QE
SFByyZxlEo8Z4iQVD5a / qnGi6N5hQnFshh6pnKcWjRI88X / KdSWFwSpxOp1oM / 9I
z / qFGjZFIA7IQ31GVNmi7LxFAgMBAAGjggHVMIIB0TAfBgNVHSMEGDAWgBSQr2o6
lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUEpdjV59WrQf56ETch4Wa1qAtN4kw
DgYDVR0PAQH / BAQDAgWgMAwGA1UdEwEB / wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
AwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcwKzApBggrBgEF
BQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYGZ4EMAQIBMFQG
A1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0NPTU9ET1JT
QURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYUGCCsGAQUFBwEB
BHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21vZG9jYS5jb20vQ09NT0RP
UlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAkBggrBgEFBQcw
AYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMCMGA1UdEQQcMBqCCXRvc3Rlci5y
dYINd3d3LnRvc3Rlci5ydTANBgkqhkiG9w0BAQsFAAOCAQEAPkxyf8ECsIzyinFE
KCitLjOfasSey098 / ZZWtjeAhJoZ5MydS + GXqeXsT4r / 0CnR8Nj / AX3qi4 + 00lrB
uRpJWj3o2qbDY6nRnu1IqfChgNh6cmgMmceSw0JmnsyS3Um0vUgG6sYez8D4LShy
4SA / E30V49fxDgqGW2svXc2TSQZ0lWjgu5 / IZzcef6q5sCNZk7CbaYNqvc0DxKag
8ba + a3xHdxxQCzx1saIcRqb5vxxnBgU / HKX5a7uOlQBhkUt4NWWwcmlSHYFKMTFY
Zqt3DIdj25F22Nfsin7e1IYqxCe0n5fAqw0ak36DtCiZ / g9Xaw0 / + UYTQK2SSASU
jnoyoQ==
-----END CERTIFICATE-----
1 s:/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
i:/ GB = C / ST = Greater Manchester / Salford = L / O = COMODO Limited CA / CN = COMODO RSA Certification Authority
----- ----- BEGIN CERTIFICATE
MIIGCDCCA / CgAwIBAgIQKy5u6tl1NmwUim7bo3yMBzANBgkqhkiG9w0BAQwFADCB
hTELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxKzApBgNV
BAMTIkNPTU9ETyBSU0EgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMTQwMjEy
MDAwMDAwWhcNMjkwMjExMjM1OTU5WjCBkDELMAkGA1UEBhMCR0IxGzAZBgNVBAgT
EkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4GA1UEBxMHU2FsZm9yZDEaMBgGA1UEChMR
Q09NT0RPIENBIExpbWl0ZWQxNjA0BgNVBAMTLUNPTU9ETyBSU0EgRG9tYWluIFZh
bGlkYXRpb24gU2VjdXJlIFNlcnZlciBDQTCCASIwDQYJKoZIhvcNAQEBBQADggEP
ADCCAQoCggEBAI7CAhnhoFmk6zg1jSz9AdDTScBkxwtiBUUWOqigwAwCfx3M28Sh
bXcDow + G + eMGnD4LgYqbSRutA776S9uMIO3Vzl5ljj4Nr0zCsLdFXlIvNN5IJGS0
Qa4Al / e + Z96e0HqnU4A7fK31llVvl0cKfIWLIpeNs4TgllfQcBhglo / uLQeTnaG6
ytHNe + nEKpooIZFNb5JPJaXyejXdJtxGpdCsWTWM / 06RQ1A / WZMebFEh7lgUq / 51
UHg + TLAchhP6a5i84DuUHoVS3AOTJBhuyydRReZw3iVDpA3hSqXttn7IzW3uLh0n
c13cRTCAquOyQQuvvUSH2rnlG51 / ruWFgqUCAwEAAaOCAWUwggFhMB8GA1UdIwQY
MBaAFLuvfgI9 + qbxPISOre44mOzZMjLUMB0GA1UdDgQWBBSQr2o6lFoL2JDqElZz
30O0Oija5zAOBgNVHQ8BAf8EBAMCAYYwEgYDVR0TAQH / BAgwBgEB / wIBADAdBgNV
HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGwYDVR0gBBQwEjAGBgRVHSAAMAgG
BmeBDAECATBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmNvbW9kb2NhLmNv
bS9DT01PRE9SU0FDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5LmNybDBxBggrBgEFBQcB
AQRlMGMwOwYIKwYBBQUHMAKGL2h0dHA6Ly9jcnQuY29tb2RvY2EuY29tL0NPTU9E
T1JTQUFkZFRydXN0Q0EuY3J0MCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC5jb21v
ZG9jYS5jb20wDQYJKoZIhvcNAQEMBQADggIBAE4rdk + SHGI2ibp3wScF9BzWRJ2p
mj6q1WZmAT7qSeaiNbz69t2Vjpk1mA42GHWx3d1Qcnyu3HeIzg / 3kCDKo2cuH1Z /
e + FE6kKVxF0NAVBGFfKBiVlsit2M8RKhjTpCipj4SzR7JzsItG8kO3KdY3RYPBps
P0 / HEZrIqPW1N + 8QRcZs2eBelSaz662jue5 / DJpmNXMyYE7l3YphLG5SEXdoltMY
dVEVABt0iN3hxzgEQyjpFv3ZBdRdRydg1vs4O2xyopT4Qhrf7W8GjEXCBgCq5Ojc
2bXhc3js9iPc0d1sjhqPpepUfJa3w / 5Vjo1JXvxku88 + vZbrac2 / 4EjxYoIQ5QxG
V / Iz2tDIY 3GH5QFlkoakdH368 + + + PUq4NCNk qKBR6cGHdNXJ93SrLlP7u3r7l + L4
// u + HyaPs9Kg4DdbKDsx5Q5XLVq4rXmsXiBmGqW5prU5wfWYQ aen / e7KJD2AFsQX
j4rBYKEMrltDR5FL1ZoXX / nUh8HCjLfn4g8wGTeGrODcQgPmlKidrv0PJFGUzpII
0fxQ8ANAe4hZ7Q7drNJ3gjTcBpUC2JD5Leo31Rpg0Gcg19hCC0Wvgmje3WYkN5Ap
lBlGGSW4gNfL1IYoakRwJiNiqZ + + Gb7 6kHDSVneFeO / qJakXzlByjAA6quPbYzSf
+ + AZxAeKCINT b72x
----- ----- END CERTIFICATE
2 s: / C = GB / ST = Greater Manchester / L = Salford/O=COMODO CA Limited/CN=COMODO RSA Certification Authority
i:/C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
-----BEGIN CERTIFICATE---- -
MIIFdDCCBFygAwIBAgIQJ2buVutJ846r13Ci/ITeIjANBgkqhkiG9w0BAQwFADBv
MQswCQYDVQQGEwJTRTEUMBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFk
ZFRydXN0IEV4dGVybmFsIFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBF
eHRlcm5hbCBDQSBSb290MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFow
gYUxCzAJBgNVBAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAO
BgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoTEUNPTU9ETyBDQSBMaW1pdGVkMSswKQYD
VQQDEyJDT01PRE8gUlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIICIjANBgkq
hkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAkehUktIKVrGsDSTdxc9EZ3SZKzejfSNw
AHG8U9 / E + ioSj0t / EFa9n3Byt2F / yUsPF6c947AEYe7 / EZfH9IY + + Cvo XPmT5jR6 2RRr55yzhaCCenavcZDX7P0N
pxs + + t + + wgvQUfvm xKYvT3 + Zf7X8Z0NyvQwA1onr
ayzT7Y + YHBSrfuXjbvzYqOSSJNpDa2K4Vf3qwbxstovzDo2a5JtsaZn4eEgwRdWt
4Q08RWD8MpZRJ7xnw8outmvqRsfHIKCxH2XeSAi6pE6p8oNGN4Tr6MyBSENnTnIq m1y9TBsoilwie7SrmNnu4FGDwwlGTm0
mfqVF9p8M1dBPI1R7Qu2XK8sYxrfV8g + /
vOldxJuvRZnio1oktLqpVj3Pb6r / SVi + 8Kj / 9Lit6Tf7urj0Czr56ENCHonYhMsT
8dm74YlguIwoVqwUHZwK53Hrzw7dPamWoUi9PPevtQ0iTMARgexWO / bTouJbt7IE
IlKVgJNp6I5MZfGRAy1wdALqi2cVKWlSArvX31BqVUa / oKMoYX9w0MOiqiwhqkfO
KJwGRXa / ghgntNWutMtQ5mv0TIZxMOmm3xaG4Nj / QN370EKIf6MzOi5cHkERgWPO
GHFrK + + ymircxXDpqR DDeVnWIBqv8mqYqnK8V0rSS527EPywTEHl7R09XiidnMy /
s1Hap0flhFMCAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBStvZh6NLQm9 / rEJlTvA73g
JMtUGjAdBgNVHQ4EFgQUu69 + Aj36pvE8hI6t7jiY7NkyMtQwDgYDVR0PAQH / BAQD
AgGGMA8GA1UdEwEB / wQFMAMBAf8wEQYDVR0gBAowCDAGBgRVHSAAMEQGA1UdHwQ9
MDswOaA3oDWGM2h0dHA6Ly9jcmwudXNlcnRydXN0LmNvbS9BZGRUcnVzdEV4dGVy
bmFsQ0FSb290LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUHMAGGGWh0dHA6
Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQEMBQADggEBAGS / g / FfmoXQ
+ 8nYEbvFScLsePP9NDXRqzIGCJdPDoCpdTPW6i6FtxFQJdcfj
zbihKVcN6Fr30ek Jw5dhHk3QBN39bSsHNA7qxcS1u80GH4r6XnTq1dFDK8o + tDb5VCViLvfhVdpfZLY
Uspzgb8c8 + a4bmYRBbMelC1 / kZWSWfFMzqORcUx8Rww7Cxn2obFshj5cqsQugsv5
B5a6SE2Q8pTIqXOi6wZ7I53eovNNVZ96YUWYGGjHXkBrI / V5eu + MtWuLt29G9Hvx PUsE2JOAWVrgQSQdso8VYFhH2
9uRv0V9dlfmrPb2LjkQLPNlzmuhbsdjrzch5vR +
pu / xO28QOG8 =
----- ----- END CERTIFICATE
---
Server certificate
subject = / OU = Domain Control Validated / OU =PositiveSSL/CN=toster.ru
issuer=/C=GB/ST=Greater Manchester/L=Salford/O=COMODO CA Limited/CN=COMODO RSA Domain Validation Secure Server CA
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4976 bytes and written 452 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit the
Secure renegotiation the IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
the SSL-: Session:
Protocol: TLSv1.2 of
Cipher: ECDHE-the RSA-AES128-GCM-the SHA256
: Session-ID: EDD7BAA05F548B6A3BC8F19F9C28E5414677B830CEE811E66178B36D57E6FCFB :
Session-ID-the ctx:
to Master Master-Key: 036ABEA2843584444AB8E46CDDA2AAC06630FBFCFD60A236664E7A55511F1D6A05F910F438D4B2EA56F6CCCFC9484853
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 600 (seconds)
TLS session ticket:
0000 - f9 98 a7 5f 94 07 d8 2f-02 23 ed d3 ae 00 da 55 ..._.../ .#.....U
0010 - 6d 9d 9e ea 5a 0f 08 7c-47 30 55 a4 55 b4 a5 f9 m...Z..|G0U.U...
0020 - bd e3 8f 58 03 6e cc 6b-03 14 b3 91 de 69 c5 77 ...Xnk....iw
0030 - 8e c2 b1 38 da a9 49 81-35 fc 71 27 32 43 88 5a ...8..I.5.q' 2C.Z
0040 - 7c 7f 71 c7 16 ba a6 a0-cc 97 ce 07 94 95 5f ce |.q..........._.
0050 - 48 d5 16 1f b0 71 76 3f-c2 ea 6d 2b 0b 3e 27 8d H....qv?..m+.>'.
0060 - 78 98 80 e3 68 02 a5 e8-ad f2 eb 02 5b ff 82 2d x...h.......[..-
0070 - 21 e5 7b d2 2b 70 de 27-28 0f 70 b9 8e 81 2f 93 !.{.+p.'(.p.../.
0080 - 68 0f 29 77 63 01 28 6b-37 e6 56 c3 23 85 b3 4d h.)wc.(k7.V.#..M
0090 - 13 37 27 02 96 b5 6b e1-0e 43 2e 13 f9 48 79 1b .7'...k..C... Hy.00a0
- dd 82 5f 71 e5 a0 ff e4-4c f0 aa 64 d7 68 ba 3f .._q....L..dh?
Start Time: 1476978798
Timeout : 300 (sec)
Verify return code: 0 (ok )
---