@ 2015-11-16T08:36:37Z <?php
ini_set('display_errors', 1);
/**
* This script check how PHP makes HTTPS (SSL/TLS) requests using PHP Streams
* or cURL. Configuration options are passed as GET parameters, for example:
* http://localhost/checksslcontext.php?reconfigure=1
*
* Configuration:
* http://localhost/checksslcontext.php
* Basic PHP Streams using file_get_contents(). Default settings.
* http://localhost/checksslcontext.php?reconfigure=1
* As above but reconfigures SSL Context for PHP Streams to be secure.
* It will also reconfigure cURL (if selected) to use the Mozilla ciphersuite.
* http://localhost/checksslcontext.php?curl=1
* Use cURL instead of PHP Streams (good to compare!)
* http://localhost/checksslcontext.php?qualys=1
* Use the Qualys SSL Labs service instead of http://www.howsmyssl.com
*
* This script reflects result output from howsmyssl.com and ssllabs.com to your browser.
*/
$reconfigure = isset($_GET['reconfigure']) ? (bool) $_GET['reconfigure'] : false;
$usecurl = true;
$checkqualys = isset($_GET['qualys']) ? (bool) $_GET['qualys'] : false;
/**
* https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
*/
$ciphers = implode(':', array(
'ECDHE-RSA-AES128-GCM-SHA256',
'ECDHE-ECDSA-AES128-GCM-SHA256',
'ECDHE-RSA-AES256-GCM-SHA384',
'ECDHE-ECDSA-AES256-GCM-SHA384',
'DHE-RSA-AES128-GCM-SHA256',
'DHE-DSS-AES128-GCM-SHA256',
'kEDH+AESGCM',
'ECDHE-RSA-AES128-SHA256',
'ECDHE-ECDSA-AES128-SHA256',
'ECDHE-RSA-AES128-SHA',
'ECDHE-ECDSA-AES128-SHA',
'ECDHE-RSA-AES256-SHA384',
'ECDHE-ECDSA-AES256-SHA384',
'ECDHE-RSA-AES256-SHA',
'ECDHE-ECDSA-AES256-SHA',
'DHE-RSA-AES128-SHA256',
'DHE-RSA-AES128-SHA',
'DHE-DSS-AES128-SHA256',
'DHE-RSA-AES256-SHA256',
'DHE-DSS-AES256-SHA',
'DHE-RSA-AES256-SHA',
'AES128-GCM-SHA256',
'AES256-GCM-SHA384',
'ECDHE-RSA-RC4-SHA',
'ECDHE-ECDSA-RC4-SHA',
'AES128',
'AES256',
'RC4-SHA',
'HIGH',
'!aNULL',
'!eNULL',
'!EXPORT',
'!DES',
'!3DES',
'!MD5',
'!PSK'
));
if (!$checkqualys) {
$url = 'https://www.howsmyssl.com';
$domain = 'howsmyssl.com';
} else {
$url = 'https://www.ssllabs.com/ssltest/viewMyClient.html';
$domain = 'www.ssllabs.com';
}
$context = stream_context_create(array(
'ssl' => array(
'ciphers' => $ciphers,
'verify_peer' => true,
'cafile' => '/etc/ssl/certs/ca-certificates.crt', // <-- EDIT FOR NON-DEBIAN/UBUNTU SYSTEMS
'CN_match' => $domain,
'verify_depth' => 3,
'disable_compression' => true,
'SNI_enabled' => true,
'SNI_server_name' => $domain
)
));
if (!$usecurl) {
if ($reconfigure) {
$html = file_get_contents($url, null, $context);
} else {
$html = file_get_contents($url); // This default will be BAD!
}
} else {
$ch = curl_init($url);
if ($reconfigure) {
curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers);
}
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
$html = curl_exec($ch);
curl_close($ch);
}
if (!$checkqualys) {
$html = str_replace('href="/', 'href="https://www.howsmyssl.com/', $html);
} else {
$html = str_replace('href="/', 'href="https://www.ssllabs.com/', $html);
}
echo $html;
Enable javascript to submit You have javascript disabled. You will not be able to edit any code.
Output for 7.0.0 - 7.0.20 , 7.1.0 - 7.1.25 , 7.2.0 - 7.2.33 , 7.3.0 - 7.3.33 , 7.4.0 - 7.4.33 , 8.0.0 - 8.0.30 , 8.1.0 - 8.1.28 , 8.2.0 - 8.2.18 , 8.3.0 - 8.3.6 Fatal error: Uncaught Error: Call to undefined function curl_init() in /in/I2cie:91
Stack trace:
#0 {main}
thrown in /in/I2cie on line 91
Process exited with code 255 . Output for 5.5.24 - 5.5.35 , 5.6.8 - 5.6.28 Fatal error: Call to undefined function curl_init() in /in/I2cie on line 91
Process exited with code 255 . preferences:dark mode live preview
179.85 ms | 402 KiB | 198 Q