Home  >  Article  >  Backend Development  >  PHP SSL context options

PHP SSL context options

WBOY
WBOYforward
2023-09-14 13:53:031059browse

PHP SSL上下文选项

Introduction

List of context options for ssl:// and tls:// transports.

The path to the local certificate file on the file system.
peer_name The peer name to use. If this value is not set, the name is guessed based on the hostname used when opening the stream.
verify_peer Requires verification of the SSL certificate used. Defaults to TRUE.
verify_peer_name Required to verify peer name. Defaults to TRUE.
allow_self_signed Allow self-signed certificates. Requires verify_peer. Defaults to FALSE
cafile The location of the Certification Authority file on the local file system used to authenticate remote peers.
capath must be a correctly hashed certificate directory.
local_cert
local_pk The path to the local private key file on the file system (if the certificate and private key files are separate) .
Password The password used to encode the local_cert file.
CN_match The common name we expect. If the common name does not match, the connection attempt will fail.
verify_depth Abort if certificate chain is too deep.
Password Setting available List of passwords. The format of the string is described in » ciphers(1).
capture_peer_cert If set to TRUE a peer_certificate context option will be created containing the peer certificate.
capture_peer_cert_chain If set to TRUE, the peer_certificate_chain context option will be created to contain the certificate chain.
SNI_enabled If set to TRUE, server name indication will be enabled.
SNI_server_name If set, this value will be used as the server name indicated by the server name. Otherwise, guess the server name based on the hostname used
disable_compression If set, disables TLS compression.
peer_fingerprint Abort when the remote certificate digest does not match the specified hash.
security_level Set the security level. If not specified, the default security level is used. Available since PHP 7.2.0 and OpenSSL 1.1.0.

Example

This example shows SSL context settings.

$stream_context = stream_context_create([ 'ssl' => [
   'local_cert' => '/path/to/key.pem',
   'peer_fingerprint' => openssl_x509_fingerprint(file_get_contents('/path/to/key.crt')),
   'verify_peer' => false,
   'verify_peer_name' => false,
   'allow_self_signed' => true,
   'verify_depth' => 0 ]]);

The above is the detailed content of PHP SSL context options. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:tutorialspoint.com. If there is any infringement, please contact admin@php.cn delete