Digital Signature

Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy.
This forum is not for asking programming related questions.

Moderator: General Moderators

Post Reply
safeer007
Forum Newbie
Posts: 2
Joined: Tue Dec 07, 2010 12:05 am

Digital Signature

Post by safeer007 »

I have created a sample digital signature with OpenSSL in pem format (eg:- userkey.pem)containing private and public keys, and is exported to Mozilla 's certificates section.

how can I access the certificates stored in the browser via PHP ?

My aim is to check the browser for the certificate and to perform some actions accordingly..

I got some programs to verify the keys in the certificate, with an uploaded file or a file in the server itself (read file using the file_get_contents command in php). but I couldn't get the programs to access the certificates stored in user's browser or a memory device (Pen drive). If anybody knows it , pls reply
Last edited by safeer007 on Thu Dec 09, 2010 4:31 am, edited 3 times in total.
safeer007
Forum Newbie
Posts: 2
Joined: Tue Dec 07, 2010 12:05 am

Re: Digital Signature

Post by safeer007 »

the code I am searching for is like
<?

if( VerifyClient('Certficate.pem', 'password') == true)
{
Do Some Operations;
}

?>

I could not find anything useful about this from the net...

PHP Cannot access client certificates I think... searching for some JAVA Applets

anyway thanks for your quote..
User avatar
Weirdan
Moderator
Posts: 5978
Joined: Mon Nov 03, 2003 6:13 pm
Location: Odessa, Ukraine

Re: Digital Signature

Post by Weirdan »

It's webserver's job to validate client certificate. PHP kicks in later in the request processing workflow. For apache it's relatively easy to set up client ssl certificate authentication: http://httpd.apache.org/docs/2.2/ssl/ss ... esscontrol

To access client certificate fields from PHP you would use $_SERVER["SSL_CLIENT_*"] variables (like $_SERVER["SSL_CLIENT_S_DN_O"] for Organization part of Distinguished Name)
Post Reply