Georgi Mitev | Learn Scripts Tutorials | PHP Cron Mysql Flash » ssl http://georgi-mitev.com Georgi Mitev's blog for scripts tutorials and something else Thu, 29 Apr 2010 09:00:14 +0000 http://wordpress.org/?v=2.9.2 en hourly 1 HTTP, HTTPS, and SSL via PHP http://georgi-mitev.com/2009/05/10/http-https-and-ssl-via-php/ http://georgi-mitev.com/2009/05/10/http-https-and-ssl-via-php/#comments Sun, 10 May 2009 07:08:15 +0000 admin http://georgi-mitev.com/?p=81 Today i found this very cool tutorial regarding the using of using ssl with PHP.

I’ll copy here the most interesting of it.

HTTP with PHP Sockets

// don’t need to specify http, it’s the default protocol
$hostname = “www.google.com”;
$port = 80;

// create and configure the client socket
$fp = fsockopen($hostname, $port); // optional: $error_number, $error_string, $connect_timeout
if ($fp) {
stream_set_timeout($fp, 30); // seconds to wait for i/o operations

// send request headers
fwrite($fp, “GET / HTTP/1.1\r\n”);
fwrite($fp, “Host: $hostname\r\n”);
fwrite($fp, $additional_headers); // Accept, User-Agent, Referer, etc.
fwrite($fp, “Connection: close\r\n”);

// read response
$response = “”;
while (!feof($fp)) {
$response .= fgets($fp, 128);
}
echo $response;

// close the socket
fclose($fp);
}

Direct SSL Sockets in PHP

You don’t have to send request headers in the above example. You can actually connect to some servers and send raw text with fwrite. Because you have to implement the HTTP/HTTPS protocol yourself if you want it, sockets are considered “clean” connections.
You don’t have to send request headers in the above example. You can actually connect to some servers and send raw text with fwrite. Because you have to implement the HTTP/HTTPS protocol yourself if you want it, sockets are considered “clean” connections.

// note that “ssl” is the protocol, NOT “https”
$hostname = “ssl://your-secure-site.com”;
$port = 443;

// create and configure the client socket
$fp = fsockopen($hostname, $port);
if ($fp) {
stream_set_timeout($fp, 30);

// send data (or build HTTPS headers similar to first example)
fwrite($fp, “your message goes here”);

// read response
while (!feof($fp)) {
echo fgets($fp, 128);
}

// close the socket
fclose($fp);
}

HTTPS via cURL

PHP doesn’t directly support attaching client certificates to web requests with fsockopen, so you have to use the cURL library.
$url = “https://your-secure-site.com/secure-service.php”;
$port = 443;

// POST data, formatted just like a GET query string
$request = “name=hb&age=27&site=arguments.callee.info”;

// the client certificate path MUST be a physical path, not url
$certificate = “C:\\certificates\\test.crt”; // windows example
$certificate = “/etc/pki/tls/private/test.crt”; // unix/linux example
$password = ‘mypassword’; // client certificate’s key

// more details at http://php.net/curl
$ch = curl_init();
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_PORT, $port);
curl_setopt($ch, CURLOPT_POSTFIELDS, $request);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 1);
curl_setopt($ch, CURLOPT_SSLCERT, $certificate);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $password);

// fetch response and close the socket
$response = curl_exec($ch);
curl_close($ch);

]]> http://georgi-mitev.com/2009/05/10/http-https-and-ssl-via-php/feed/ 4 Get your freak on with SSL and Apache :P http://georgi-mitev.com/2009/03/08/38/ http://georgi-mitev.com/2009/03/08/38/#comments Sun, 08 Mar 2009 20:14:08 +0000 admin http://georgi-mitev.com/?p=38 for everybody who is just starting to learn about the SSL оpportunities that you have with Open SSL (tool) and the mod_ssl for Apache for securing your site. The simplest and fastest thing that you can do is to create a self-signed certificate, after you generate a free RSA key :) . Don’t worry it’s not so sophisticated as it sounds :) actually it’s pretty easy. You can read more on the link below
ssl graph

Securing an Apache 2 Web server can be an intimidating prospect for those new to secure sockets layer (SSL) certificates. However, this need not be the case. SSL secures Web server to Web browser connections. Read on to better understand SSL certificates, learn how to set them up on Apache and launch your SSL-enabled site.

basically i will save you some of reading the long tutorial and will get straight to the point – here are some useful commands that you are going to learn from this tutorial. I had some problem with these commands under windows so i give you my updated version – everything should be ok here :)

i tested that with win7 and xampp 1.7 :)

create RSA private key
openssl genrsa -out mykey.pem 1024

create self-signed certificate
openssl req -config “xammp-dir\apache\bin\openssl.cnf” -new -key my.key -x509 -out sslname.crt

create certificate signing request
openssl req -new -key my.key -config “xammp-dir\apache\bin\openssl.cnf” -out my.csr

<IfDefine HAVE_SSL>

<VirtualHost 10.0.0.5:443>
DocumentRoot /home/sites/domainname.com/html
ServerName www.domainname.com
ServerAlias domainname.com
ServerAdmin admin@domainname.com
ErrorLog /home/sites/domainname.com/logs/error_log
TransferLog / home/sites/domainname.com/logs/access_log
SSLEngine on
SSLCertificateFile /etc/httpd/conf/ssl.crt/domainname.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/domainname.com.key
SetEnvIf User-Agent “.*MSIE.*” nokeepalive ssl-unclean-shutdown
</VirtualHost>

</IfDefine>

you can read more here:
http://www.sitepoint.com/article/securing-apache-2-server-ssl/

]]> http://georgi-mitev.com/2009/03/08/38/feed/ 0