3v4l.org

run code in 200+ php & hhvm versions
Bugs & Features
<?php ini_set('display_errors', 1); /** * This script check how PHP makes HTTPS (SSL/TLS) requests using PHP Streams * or cURL. Configuration options are passed as GET parameters, for example: * http://localhost/checksslcontext.php?reconfigure=1 * * Configuration: * http://localhost/checksslcontext.php * Basic PHP Streams using file_get_contents(). Default settings. * http://localhost/checksslcontext.php?reconfigure=1 * As above but reconfigures SSL Context for PHP Streams to be secure. * It will also reconfigure cURL (if selected) to use the Mozilla ciphersuite. * http://localhost/checksslcontext.php?curl=1 * Use cURL instead of PHP Streams (good to compare!) * http://localhost/checksslcontext.php?qualys=1 * Use the Qualys SSL Labs service instead of http://www.howsmyssl.com * * This script reflects result output from howsmyssl.com and ssllabs.com to your browser. */ $reconfigure = isset($_GET['reconfigure']) ? (bool) $_GET['reconfigure'] : false; $usecurl = isset($_GET['curl']) ? (bool) $_GET['curl'] : false; $checkqualys = isset($_GET['qualys']) ? (bool) $_GET['qualys'] : false; /** * https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite */ $ciphers = implode(':', array( 'ECDHE-RSA-AES128-GCM-SHA256', 'ECDHE-ECDSA-AES128-GCM-SHA256', 'ECDHE-RSA-AES256-GCM-SHA384', 'ECDHE-ECDSA-AES256-GCM-SHA384', 'DHE-RSA-AES128-GCM-SHA256', 'DHE-DSS-AES128-GCM-SHA256', 'kEDH+AESGCM', 'ECDHE-RSA-AES128-SHA256', 'ECDHE-ECDSA-AES128-SHA256', 'ECDHE-RSA-AES128-SHA', 'ECDHE-ECDSA-AES128-SHA', 'ECDHE-RSA-AES256-SHA384', 'ECDHE-ECDSA-AES256-SHA384', 'ECDHE-RSA-AES256-SHA', 'ECDHE-ECDSA-AES256-SHA', 'DHE-RSA-AES128-SHA256', 'DHE-RSA-AES128-SHA', 'DHE-DSS-AES128-SHA256', 'DHE-RSA-AES256-SHA256', 'DHE-DSS-AES256-SHA', 'DHE-RSA-AES256-SHA', 'AES128-GCM-SHA256', 'AES256-GCM-SHA384', 'ECDHE-RSA-RC4-SHA', 'ECDHE-ECDSA-RC4-SHA', 'AES128', 'AES256', 'RC4-SHA', 'HIGH', '!aNULL', '!eNULL', '!EXPORT', '!DES', '!3DES', '!MD5', '!PSK' )); if (!$checkqualys) { $url = 'https://www.howsmyssl.com'; $domain = 'howsmyssl.com'; } else { $url = 'https://www.ssllabs.com/ssltest/viewMyClient.html'; $domain = 'www.ssllabs.com'; } $context = stream_context_create(array( 'ssl' => array( 'ciphers' => $ciphers, 'verify_peer' => true, 'cafile' => '/etc/ssl/certs/ca-certificates.crt', // <-- EDIT FOR NON-DEBIAN/UBUNTU SYSTEMS 'CN_match' => $domain, 'verify_depth' => 3, 'disable_compression' => true, 'SNI_enabled' => true, 'SNI_server_name' => $domain ) )); if (!$usecurl) { if ($reconfigure) { $html = file_get_contents($url, null, $context); } else { $html = file_get_contents($url); // This default will be BAD! } } else { $ch = curl_init($url); if ($reconfigure) { curl_setopt($ch, CURLOPT_SSL_CIPHER_LIST, $ciphers); } curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $html = curl_exec($ch); curl_close($ch); } if (!$checkqualys) { $html = str_replace('href="/', 'href="https://www.howsmyssl.com/', $html); } else { $html = str_replace('href="/', 'href="https://www.ssllabs.com/', $html); } echo $html;
based on I2bFL
Output for 5.4.15 - 5.4.45, 5.5.33, 5.6.18 - 5.6.19, 7.0.4, 7.0.20, 7.1.5 - 7.2.0
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: System error in /in/pjfVq on line 88 Warning: file_get_contents(https://www.howsmyssl.com): failed to open stream: php_network_getaddresses: getaddrinfo failed: System error in /in/pjfVq on line 88
Output for 5.5.24 - 5.5.32, 5.5.34 - 5.6.17, 5.6.20 - 7.0.3, 7.0.5 - 7.0.6, 7.1.0
Warning: file_get_contents(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /in/pjfVq on line 88 Warning: file_get_contents(https://www.howsmyssl.com): failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in /in/pjfVq on line 88
Output for 5.3.19 - 5.4.14
Warning: file_get_contents(): Unable to find the wrapper "https" - did you forget to enable it when you configured PHP? in /in/pjfVq on line 88 Warning: file_get_contents(https://www.howsmyssl.com): failed to open stream: No such file or directory in /in/pjfVq on line 88