Home > Backend Development > PHP Tutorial > PHP SSL context options

PHP SSL context options

WBOY
Release: 2023-09-14 13:54:02
forward
1097 people have browsed it

PHP SSL上下文选项

Introduction

List of context options for ssl:// and tls:// transports.

The path to the local certificate file on the file system.
peer_name The peer name to use. If this value is not set, the name is guessed based on the hostname used when opening the stream.
verify_peer Requires verification of the SSL certificate used. Defaults to TRUE.
verify_peer_name Required to verify peer name. Defaults to TRUE.
allow_self_signed Allow self-signed certificates. Requires verify_peer. Defaults to FALSE
cafile The location of the Certification Authority file on the local file system used to authenticate remote peers.
capath must be a correctly hashed certificate directory.
local_cert
local_pk The path to the local private key file on the file system (if the certificate and private key files are separate) .
Password The password used to encode the local_cert file.
CN_match The common name we expect. If the common name does not match, the connection attempt will fail.
verify_depth Abort if certificate chain is too deep.
Password Setting available List of passwords. The format of the string is described in » ciphers(1).
capture_peer_cert If set to TRUE a peer_certificate context option will be created containing the peer certificate.
capture_peer_cert_chain If set to TRUE, the peer_certificate_chain context option will be created to contain the certificate chain.
SNI_enabled If set to TRUE, server name indication will be enabled.
SNI_server_name If set, this value will be used as the server name indicated by the server name. Otherwise, guess the server name based on the hostname used
disable_compression If set, disables TLS compression.
peer_fingerprint Abort when the remote certificate digest does not match the specified hash.
security_level Set the security level. If not specified, the default security level is used. Available since PHP 7.2.0 and OpenSSL 1.1.0.

Example

This example shows SSL context settings.

$stream_context = stream_context_create([ 'ssl' => [
   'local_cert' => '/path/to/key.pem',
   'peer_fingerprint' => openssl_x509_fingerprint(file_get_contents('/path/to/key.crt')),
   'verify_peer' => false,
   'verify_peer_name' => false,
   'allow_self_signed' => true,
   'verify_depth' => 0 ]]);
Copy after login

The above is the detailed content of PHP SSL context options. For more information, please follow other related articles on the PHP Chinese website!

source:tutorialspoint.com
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template