A class to validate SSL certificates
The class provided by this package makes it incredibly easy to query the properties on an ssl certificate. We have three options for fetching a certficate. Here's an example:
use Spatie\SslCertificate\SslCertificate;
// fetch the certificate using an url
$certificate = SslCertificate::createForHostName('spatie.be');
// or from a certificate file
$certificate = SslCertificate::createFromFile($pathToCertificateFile);
// or from a string
$certificate = SslCertificate::createFromString($certificateData);
$certificate->getIssuer(); // returns "Let's Encrypt Authority X3"
$certificate->isValid(); // returns true if the certificate is currently valid
$certificate->validFromDate(); // returns a Carbon instance Carbon
$certificate->expirationDate(); // returns a Carbon instance Carbon
$certificate->lifespanInDays(); // return the amount of days between validFromDate and expirationDate
$certificate->expirationDate()->diffInDays(); // returns an int
$certificate->getSignatureAlgorithm(); // returns a string
$certificate->getOrganization(); // returns the organization name when available
Downloading invalid certificate
If you want to download certificates even if they are invalid (for example, if they are expired), you can pass a $verifyCertificate
boolean to SslCertificate::createFromHostname()
as the third argument, for example:
$certificate = SslCertificate::createForHostName('expired.badssl.com', $timeoutInSeconds, false);
About us
Spatie is a webdesign agency based in Antwerp, Belgium. You'll find an overview of all our open source projects on our website.
Support us
We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.
We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.
Installation
You can install the package via composer:
composer require spatie/ssl-certificate
Important notice
Currently, this package does not check if the certificate is signed by a trusted authority. We'll add this check soon in a next point release.
Usage
You can create an instance of Spatie\SslCertificate\SslCertificate
with this named constructor:
$certificate = SslCertificate::createForHostName('spatie.be');
You can create an instance of Spatie\SslCertificate\SslCertificate
passing the port with this named constructor:
$certificate = SslCertificate::createForHostName('spatie.be:443');
You can use this fluent style to specify a specific port to connect to.
SslCertificate::download()
->usingPort($customPort)
->forHost($hostName);
You can check the certificate on a different IP address using the same style.
SslCertificate::download()
->fromIpAddress($ipAddress)
->forHost($hostName);
This also works with IPv6 addresses
SslCertificate::download()
->fromIpAddress('2a00:1450:4001:80e::200e')
->forHost('google.com');
You can specify socket context options.
SslCertificate::download()
->withSocketContextOptions([
'option' => 'value',
])
->forHost($hostName);
If the given ipAddress
is invalid Spatie\SslCertificate\Exceptions\InvalidIpAddress
will be thrown.
If the given hostName
is invalid Spatie\SslCertificate\Exceptions\InvalidUrl
will be thrown.
If the given hostName
is valid but there was a problem downloading the certifcate Spatie\SslCertificate\Exceptions\CouldNotDownloadCertificate
will be thrown.
Getting the issuer name
$certificate->getIssuer(); // returns "Let's Encrypt Authority X3"
Getting the domain name
Returns the primary domain name for the certificate
$certificate->getDomain(); // returns "spatie.be"
Getting the certificate's signing algorithm
Returns the algorithm used for signing the certificate
$certificate->getSignatureAlgorithm(); // returns "RSA-SHA256"
Getting the certificate's organization
Returns the organization belonging to the certificate
$certificate->getOrganization(); // returns "Spatie BVBA"
Getting the additional domain names
A certificate can cover multiple (sub)domains. Here's how to get them.
$certificate->getAdditionalDomains(); // returns ["spatie.be", "www.spatie.be]
A domain name return with this method can start with *
meaning it is valid for all subdomains of that domain.
Getting the fingerprint
$certificate->getFingerprint(); // returns a fingerprint for the certificate
Getting the SHA256 fingerprint
$certificate->getFingerprintSha256(); // returns a SHA256 fingerprint for the certificate
Getting the date when the certificate becomes valid
$certificate->validFromDate(); // returns an instance of Carbon
Getting the expiration date
$certificate->expirationDate(); // returns an instance of Carbon
Determining if the certificate is still valid
Returns true if the current Date and time is between validFromDate
and expirationDate
.
$certificate->isValid(); // returns a boolean
You also use this method to determine if a given domain is covered by the certificate. Of course it'll keep checking if the current Date and time is between validFromDate
and expirationDate
.
$certificate->isValid('spatie.be'); // returns true;
$certificate->isValid('laravel.com'); // returns false;
Determining if the certificate is still valid until a given date
Returns true if the certificate is valid and if the expirationDate
is after the given date.
$certificate->isValidUntil(Carbon::now()->addDays(7)); // returns a boolean
Determining if the certificate is expired
$certificate->isExpired(); // returns a boolean if expired
Convert the certificate to an array
You can convert a certificate to an array using the toArray
method.
$certificateProperties = $certificate->toArray();
The properties can be used to create a new instance of the certificate.
\Spatie\SslCertificate\SslCertificate::createFromArray($certificateProperties);
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Postcardware
You're free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.
Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.
We publish all received postcards on our company website.
Credits
The helper functions and tests were copied from the Laravel Framework.
License
The MIT License (MIT). Please see License File for more information.