Oh Dear! monitors your entire website, not just the homepage. You'll get a notification as soon as your website is down, a monthly uptime report, a warning a few days before your SSL certificate expires and much more! Start your free 10 day trial now!

Validating SSL certificates with PHP

Link –

With vanilla PHP it's possible to check of if the SSL certificate of a given site is valid. But it's kinda madness to do it. Let's look at the code required:

<br />// Step 1: downloading the certificate from the site
$streamContext = stream_context_create([
    'ssl' => [
        'capture_peer_cert' => true,
    ],
]);

$client = stream_socket_client(
    "ssl://spatie.be:443",
    $errorNumber,
    $errorDescription,
    $timeout,
    STREAM_CLIENT_CONNECT,
    $streamContext);

$response = stream_context_get_params($client);

$certificateProperties = openssl_x509_parse($response['options']['ssl']['peer_certificate']);

// Step 2: parsing the certificate

/*
* I'm not even going to type out the further code needed.
*
* `$certificateProperties` has two keys `validFrom_time_t` and `validTo_time_t`. 
* Those keys contain the UTC representation of the date.
* You will need to check if the current date is between those dates.
*/ 

What. The. Actual. F. Let's fix this!

We've released a new package named spatie/ssl-certificate that makes checking the SSL certificate of a site laughably easy. Let's take a look at the code:

$certificate = SslCertificate::createForHostName('spatie.be');
certificate->isValid(); // returns true if the certificate is currently valid

Boom, done.

The package has a few more methods that makes working with an SSL certificate a breeze:

$certificate->getIssuer(); // returns "Let's Encrypt Authority X3"

$certificate->getDomain(); // returns "spatie.be"

//A certificate can cover multiple (sub)domains. Here's how to get them.
$certificate->getAdditionalDomains(); // returns ["spatie.be", "www.spatie.be]

$this->certificate->validFromDate(); // returns an instance of Carbon

$certificate->getExpirationDate(); // returns an instance of Carbon

You can also use isValid to determine if a given domain is covered by the certificate. Of course it'll keep checking if the current datetime is between validFromDate and expirationDate.

$this->certificate->isValid('spatie.be'); // returns true
$this->certificate->isValid('laravel.com'); // returns false

The source code of the package is available on GitHub. My company has made many more PHP framework agnostic, Laravel and JavaScript packages in the past. Take a look at the open source page at our site to see if we've made anything that could be of use to you.

Stay up to date with all things Laravel, PHP, and JavaScript.

Every two weeks I send out a newsletter containing lots of interesting stuff for the modern PHP developer.

Expect quick tips & tricks, interesting tutorials, opinions and packages. Because I work with Laravel every day there is an emphasis on that framework.

Rest assured that I will only use your email address to send you the newsletter and will not use it for any other purposes.