[nycphp-talk] Use php to check for ssl/https support in apache
charlie derr
cderr at simons-rock.edu
Fri Jul 14 21:19:35 EDT 2006
Jon Baer wrote:
> This may sound like a dumb question but wouldn't a test for a
> specific certificate file somehow be a better sign that SSL is setup?
>
> Like attaching a check, if (file_exists('/some/path/cert.pem')) header
> ("Location: https://secure/path/");
>
> ?
The existence of that file only means that SSL *might* be setup properly. It won't tell you that it's working right, and it certainly won't tell you that the connection you're coming in on is
encrypted. Lots of places that serve https also serve plain vanilla http on the same IP. But as an additional check (for a specific cert) the above suggestion might still be useful. As long as it's
not the only thing you're relying on to verify the https protocol.
~c
>
> - Jon
>
> On Jul 14, 2006, at 8:37 PM, Rolan Yang wrote:
>
>
>>Here are 2 ways to do it without resorting to fopen.. Only applies if
>>your https is on the same server. The first is cleaner than the
>>second,
>>but neither are guaranteed to work. Use at your own risk.
>>
>>function check_https() {
>> ob_start();
>> phpinfo(INFO_GENERAL);
>> $phpinfo = ob_get_contents();
>> ob_end_clean();
>> $s=strpos($phpinfo,'Registered PHP Streams');
>> $e=strpos($phpinfo,"\n",$s);
>> if (strstr(substr($phpinfo,$s,$e-$s),'https')) {
>> return TRUE;
>> }
>> else {
>> return FALSE;
>> }
>>}
>>
>>function check_https2() {
>> ob_start();
>> phpinfo(INFO_GENERAL);
>> $test=strstr(ob_get_contents(),'https');
>> ob_end_clean();
>> if ($test) { return TRUE;}
>> else {return FALSE;}
>>}
>>
>>~Rolan
>>
>>Rob Marscher wrote:
>>
>>>Hi All,
>>>
>>>I've done a bit of searching and haven't been able to find if
>>>there's a
>>>means that php running on apache can determine if apache supports
>>>ssl/https connections. It would be nice my app to force an https
>>>connection on certain pages if it is available. Otherwise I'll
>>>have to
>>>do it with a manual config switch.
>>>
>>>Running apache_get_modules() and checking for mod_ssl seems like an
>>>option... but doesn't work on PHP 4.4.2 w/ Apache 1.3 which a lot of
>>>production servers still use. Any other ideas?
>>>
>>>Thanks a lot,
>>>Rob
>>>
>>
>>_______________________________________________
>>New York PHP Community Talk Mailing List
>>http://lists.nyphp.org/mailman/listinfo/talk
>>New York PHP Conference and Expo 2006
>>http://www.nyphpcon.com
>>Show Your Participation in New York PHP
>>http://www.nyphp.org/show_participation.php
>>
>>
>
>
> _______________________________________________
> New York PHP Community Talk Mailing List
> http://lists.nyphp.org/mailman/listinfo/talk
> New York PHP Conference and Expo 2006
> http://www.nyphpcon.com
> Show Your Participation in New York PHP
> http://www.nyphp.org/show_participation.php
More information about the talk
mailing list