Last active
September 30, 2016 17:01
-
-
Save sergeycherepanov/942cdd407978f10cc052f8e2393959dd to your computer and use it in GitHub Desktop.
Make ssl bundle from domain certificate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env php | |
| <?php | |
| /** | |
| * Usage: php ./get_ssl_bundle.php example.com.crt | |
| * | |
| * @param string $crtFile | |
| * @return string | |
| */ | |
| function get_ssl_bundle($crtFile) | |
| { | |
| $certificates = explode('BEGIN', $crtFile); | |
| if (count($certificates) > 2) { | |
| return $crtFile; | |
| } | |
| $crtChain[] = $crtFile; | |
| do { | |
| $certData = openssl_x509_parse($crtFile); | |
| if (!isset($certData['extensions']['authorityInfoAccess'])) { | |
| break; | |
| } | |
| $authorityInfoAccess = $certData['extensions']['authorityInfoAccess']; | |
| preg_match( | |
| '/https?\:\/\/[^\" ]+\.crt/im', | |
| $authorityInfoAccess, | |
| $matches | |
| ); | |
| $intermediaryUrl = isset($matches[0]) ? $matches[0] : null; | |
| if (!empty($intermediaryUrl) && | |
| filter_var($intermediaryUrl, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED) !== false && | |
| $crtFileContent = @file_get_contents($intermediaryUrl) | |
| ) { | |
| $intermediaryCrt = chunk_split(base64_encode($crtFileContent), 64, PHP_EOL); | |
| $crtFile = '-----BEGIN CERTIFICATE-----'.PHP_EOL.$intermediaryCrt.'-----END CERTIFICATE-----'; | |
| $crtChain[] = $crtFile; | |
| } | |
| } while (!is_null($intermediaryUrl)); | |
| return implode(PHP_EOL, $crtChain); | |
| } | |
| if (!file_exists($argv[1])) { | |
| echo "File not found: '{$argv[1]}'" . PHP_EOL; | |
| exit(1); | |
| } | |
| echo get_ssl_bundle(file_get_contents($argv[1])); | |
| echo PHP_EOL; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment