Supporting TLS client certificate in PHP?

Côme Chilliet come at chilliet.eu
Mon Dec 21 09:42:31 GMT 2020

Previous message (by thread): Supporting TLS client certificate in PHP?
Next message (by thread): Supporting TLS client certificate in PHP?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From what I've seen in libtls source, it sets a custom certificate checking callback function to be able to bypass certificate check while still asking for it when you use these insecure_ family of functions.

Current PHP cannot do that. Not sure what would be the best API for this feature if it was added. Most likely a new context option for ssl which says the client cert is optional. I guess to be complete it would allow disabling client cert validation all together, or only when client cert is absent.
An other solution is to allow PHP code to set its own callback, but it seems to be dangerous and hard to use.

Previous message (by thread): Supporting TLS client certificate in PHP?
Next message (by thread): Supporting TLS client certificate in PHP?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Gemini mailing list