spatie/ssl-certificate

A class to easily query the properties of an ssl certificate

Fund package maintenance!
spatie
Other

Installs: 3 347 740

Dependents: 33

Suggesters: 5

Security: 0

Stars: 711

Watchers: 20

Forks: 133

Open Issues: 0

2.6.8 2024-09-20 13:11 UTC

README

Latest Version on Packagist MIT Licensed run-tests Quality Score Total Downloads

The class provided by this package makes it incredibly easy to query the properties on an ssl certificate. We have three options for fetching a certficate. Here's an example:

use Spatie\SslCertificate\SslCertificate;

// fetch the certificate using an url
$certificate = SslCertificate::createForHostName('spatie.be');

// or from a certificate file
$certificate = SslCertificate::createFromFile($pathToCertificateFile);

// or from a string
$certificate = SslCertificate::createFromString($certificateData);

$certificate->isValid(); // returns true if the certificate is currently valid

$certificate->expirationDate(); // returns a Carbon instance Carbon
$certificate->validFromDate(); // returns a Carbon instance Carbon

$certificate->daysUntilExpirationDate(); // returns the amount of days between today and expirationDate
$certificate->lifespanInDays(); // return the amount of days between validFromDate and expirationDate

$certificate->getIssuer(); // returns "Let's Encrypt Authority X3"
$certificate->getOrganization(); // returns the organization name when available
$certificate->getPublicKeyAlgorithm(); // returns the public key algorithm
$certificate->getPublicKeySize(); // returns the public key algorithm
$certificate->getSignatureAlgorithm(); // returns the signature algorithm

Downloading invalid certificate

If you want to download certificates even if they are invalid (for example, if they are expired), you can pass a $verifyCertificate boolean to SslCertificate::createFromHostname() as the third argument, for example:

$certificate = SslCertificate::createForHostName('expired.badssl.com', $timeoutInSeconds, false);

About us

Spatie is a webdesign agency based in Antwerp, Belgium. You'll find an overview of all our open source projects on our website.

Support us

We invest a lot of resources into creating best in class open source packages. You can support us by buying one of our paid products.

We highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using. You'll find our address on our contact page. We publish all received postcards on our virtual postcard wall.

Installation

You can install the package via composer:

composer require spatie/ssl-certificate

Important notice

Currently, this package does not check if the certificate is signed by a trusted authority. We'll add this check soon in a next point release.

Usage

You can create an instance of Spatie\SslCertificate\SslCertificate with this named constructor:

$certificate = SslCertificate::createForHostName('spatie.be');

You can create an instance of Spatie\SslCertificate\SslCertificate passing the port with this named constructor:

$certificate = SslCertificate::createForHostName('spatie.be:443');

You can use this fluent style to specify a specific port to connect to.

SslCertificate::download()
   ->usingPort($customPort)
   ->forHost($hostName);

You can check the certificate on a different IP address using the same style.

SslCertificate::download()
   ->fromIpAddress($ipAddress)
   ->forHost($hostName);

This also works with IPv6 addresses

SslCertificate::download()
    ->fromIpAddress('2a00:1450:4001:80e::200e')
    ->forHost('google.com');

You can specify socket context options.

SslCertificate::download()
   ->withSocketContextOptions([
      'option' => 'value',
   ])
   ->forHost($hostName);

If the given ipAddress is invalid Spatie\SslCertificate\Exceptions\InvalidIpAddress will be thrown.

If the given hostName is invalid Spatie\SslCertificate\Exceptions\InvalidUrl will be thrown.

If the given hostName is valid but there was a problem downloading the certifcate Spatie\SslCertificate\Exceptions\CouldNotDownloadCertificate will be thrown.

Getting the issuer name

$certificate->getIssuer(); // returns "Let's Encrypt Authority X3"

Getting the domain name

Returns the primary domain name for the certificate

$certificate->getDomain(); // returns "spatie.be"

Getting the certificate's signing algorithm

Returns the algorithm used for signing the certificate

$certificate->getSignatureAlgorithm(); // returns "RSA-SHA256"

Getting the certificate's organization

Returns the organization belonging to the certificate

$certificate->getOrganization(); // returns "Spatie BVBA"

Getting the additional domain names

A certificate can cover multiple (sub)domains. Here's how to get them.

$certificate->getAdditionalDomains(); // returns ["spatie.be", "www.spatie.be]

A domain name return with this method can start with * meaning it is valid for all subdomains of that domain.

Getting the fingerprint

$certificate->getFingerprint(); // returns a fingerprint for the certificate

Getting the SHA256 fingerprint

$certificate->getFingerprintSha256(); // returns a SHA256 fingerprint for the certificate

Getting the date when the certificate becomes valid

$certificate->validFromDate(); // returns an instance of Carbon

Getting the expiration date

$certificate->expirationDate(); // returns an instance of Carbon

Determining if the certificate is still valid

Returns true if the current Date and time is between validFromDate and expirationDate.

$certificate->isValid(); // returns a boolean

You also use this method to determine if a given domain is covered by the certificate. Of course it'll keep checking if the current Date and time is between validFromDate and expirationDate.

$certificate->isValid('spatie.be'); // returns true;
$certificate->isValid('laravel.com'); // returns false;

Determining if the certificate is still valid until a given date

Returns true if the certificate is valid and if the expirationDate is after the given date.

$certificate->isValidUntil(Carbon::now()->addDays(7)); // returns a boolean

Determining if the certificate is expired

$certificate->isExpired(); // returns a boolean if expired

Convert the certificate to an array

You can convert a certificate to an array using the toArray method.

$certificateProperties = $certificate->toArray();

The properties can be used to create a new instance of the certificate.

\Spatie\SslCertificate\SslCertificate::createFromArray($certificateProperties);

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Postcardware

You're free to use this package, but if it makes it to your production environment we highly appreciate you sending us a postcard from your hometown, mentioning which of our package(s) you are using.

Our address is: Spatie, Kruikstraat 22, 2018 Antwerp, Belgium.

We publish all received postcards on our company website.

Credits

The helper functions and tests were copied from the Laravel Framework.

License

The MIT License (MIT). Please see License File for more information.