List of context options for ssl:// and tls:// transports.
| peer_name | The peer name to use. If this value is not set, the name is guessed based on the hostname used when opening the stream. |
|---|---|
| verify_peer | Requires verification of the SSL certificate used. Defaults to TRUE. |
| verify_peer_name | Required to verify peer name. Defaults to TRUE. |
| allow_self_signed | Allow self-signed certificates. Requires verify_peer. Defaults to FALSE |
| cafile | The location of the Certification Authority file on the local file system used to authenticate remote peers. |
| capath | must be a correctly hashed certificate directory. |
| local_cert | The path to the local certificate file on the file system.|
| local_pk | The path to the local private key file on the file system (if the certificate and private key files are separate) . |
| Password | The password used to encode the local_cert file. |
| CN_match | The common name we expect. If the common name does not match, the connection attempt will fail. |
| verify_depth | Abort if certificate chain is too deep. |
| Password | Setting available List of passwords. The format of the string is described in » ciphers(1). |
| capture_peer_cert | If set to TRUE a peer_certificate context option will be created containing the peer certificate. |
| capture_peer_cert_chain | If set to TRUE, the peer_certificate_chain context option will be created to contain the certificate chain. |
| SNI_enabled | If set to TRUE, server name indication will be enabled. |
| SNI_server_name | If set, this value will be used as the server name indicated by the server name. Otherwise, guess the server name based on the hostname used |
| disable_compression | If set, disables TLS compression. |
| peer_fingerprint | Abort when the remote certificate digest does not match the specified hash. |
| security_level | Set the security level. If not specified, the default security level is used. Available since PHP 7.2.0 and OpenSSL 1.1.0. |
This example shows SSL context settings.
$stream_context = stream_context_create([ 'ssl' => [ 'local_cert' => '/path/to/key.pem', 'peer_fingerprint' => openssl_x509_fingerprint(file_get_contents('/path/to/key.crt')), 'verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true, 'verify_depth' => 0 ]]);
The above is the detailed content of PHP SSL context options. For more information, please follow other related articles on the PHP Chinese website!
function function usage
How to view stored procedures in MySQL
How to check deleted call records
The difference between insertbefore and before
What language is generally used to write vscode?
How to convert nef to jpg format
Ranking of the top ten digital currency exchanges
What is the core of a database system?
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
