Fsockopen::verify_certificate_from_context( string $host, resource $context ): bool

In this article

Verify the certificate against common name and subject alternative names

Description

Unfortunately, PHP doesn’t check the certificate against the alternative names, leading things like ‘https://www.github.com/‘ to be invalid.
Instead

Parameters

$hoststringrequired
Host name to verify against
$contextresourcerequired
Stream context

Return

bool

Source

public function verify_certificate_from_context($host, $context) {
	$meta = stream_context_get_options($context);

	// If we don't have SSL options, then we couldn't make the connection at
	// all
	if (empty($meta) || empty($meta['ssl']) || empty($meta['ssl']['peer_certificate'])) {
		throw new Exception(rtrim($this->connect_error), 'ssl.connect_error');
	}

	$cert = openssl_x509_parse($meta['ssl']['peer_certificate']);

	return Ssl::verify_certificate($host, $cert);
}

User Contributed Notes

You must log in before being able to contribute a note or feedback.