Page 1 of 1

Digital Signature

Posted: Tue Dec 07, 2010 12:12 am
by safeer007
I have created a sample digital signature with OpenSSL in pem format (eg:- userkey.pem)containing private and public keys, and is exported to Mozilla 's certificates section.

how can I access the certificates stored in the browser via PHP ?

My aim is to check the browser for the certificate and to perform some actions accordingly..

I got some programs to verify the keys in the certificate, with an uploaded file or a file in the server itself (read file using the file_get_contents command in php). but I couldn't get the programs to access the certificates stored in user's browser or a memory device (Pen drive). If anybody knows it , pls reply

Re: Digital Signature

Posted: Thu Dec 09, 2010 4:21 am
by safeer007
the code I am searching for is like
<?

if( VerifyClient('Certficate.pem', 'password') == true)
{
Do Some Operations;
}

?>

I could not find anything useful about this from the net...

PHP Cannot access client certificates I think... searching for some JAVA Applets

anyway thanks for your quote..

Re: Digital Signature

Posted: Sat Jan 22, 2011 11:32 am
by Weirdan
It's webserver's job to validate client certificate. PHP kicks in later in the request processing workflow. For apache it's relatively easy to set up client ssl certificate authentication: http://httpd.apache.org/docs/2.2/ssl/ss ... esscontrol

To access client certificate fields from PHP you would use $_SERVER["SSL_CLIENT_*"] variables (like $_SERVER["SSL_CLIENT_S_DN_O"] for Organization part of Distinguished Name)