checksslcontext.php

<?php
/**
 * Send reconfigure=1 as a GET param to configure the example correctly.
 * Omit to see the results from PHP's default SSL context settings.
 * This example script reflects output from https://www.howsmyssl.com.
 */
$reconfigure = isset($_GET['reconfigure']) ? (bool) $_GET['reconfigure'] : false;
/**
 * https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
 */
$ciphers = implode(':', array(
    'ECDHE-RSA-AES128-GCM-SHA256',
    'ECDHE-ECDSA-AES128-GCM-SHA256',
    'ECDHE-RSA-AES256-GCM-SHA384',
    'ECDHE-ECDSA-AES256-GCM-SHA384',
    'DHE-RSA-AES128-GCM-SHA256',
    'DHE-DSS-AES128-GCM-SHA256',
    'kEDH+AESGCM',
    'ECDHE-RSA-AES128-SHA256',
    'ECDHE-ECDSA-AES128-SHA256',
    'ECDHE-RSA-AES128-SHA',
    'ECDHE-ECDSA-AES128-SHA',
    'ECDHE-RSA-AES256-SHA384',
    'ECDHE-ECDSA-AES256-SHA384',
    'ECDHE-RSA-AES256-SHA',
    'ECDHE-ECDSA-AES256-SHA',
    'DHE-RSA-AES128-SHA256',
    'DHE-RSA-AES128-SHA',
    'DHE-DSS-AES128-SHA256',
    'DHE-RSA-AES256-SHA256',
    'DHE-DSS-AES256-SHA',
    'DHE-RSA-AES256-SHA',
    'AES128-GCM-SHA256',
     'AES256-GCM-SHA384',
    'ECDHE-RSA-RC4-SHA',
    'ECDHE-ECDSA-RC4-SHA',
    'AES128',
    'AES256',
    'RC4-SHA',
    'HIGH',
    '!aNULL',
    '!eNULL',
    '!EXPORT',
    '!DES',
    '!3DES',
    '!MD5',
    '!PSK'
));
$context = stream_context_create(array(
    'ssl' => array(
        'ciphers' => $ciphers,
        'verify_peer' => true,
        'cafile' => '/etc/ssl/certs/ca-certificates.crt', // <-- EDIT FOR NON-DEBIAN/UBUNTU SYSTEMS
        'CN_match' => 'howsmyssl.com',
        'verify_depth' => 3,
        'disable_compression' => true,
        'SNI_enabled' => true
    )
));
if ($reconfigure) {
    $html = file_get_contents('https://www.howsmyssl.com', null, $context);
} else {
    $html = file_get_contents('https://www.howsmyssl.com'); // This default will be BAD!
}
$html = str_replace('href="/', 'href="https://www.howsmyssl.com/', $html);
echo $html;