我正在开发一个系统,可以检查远程服务器是否启用了SSL
我的输入是一个简单的网址,例如 http://www.stackoverflow.com
我该怎么做?
答案 0 :(得分:2)
$sslEnabled = (isset($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) != 'off') ? TRUE : FALSE;
编辑1
使用curl:通过 https 更改 http
将HEAD Request发送到此网址
阅读 http响应:如果 200 ,则启用ssl
编辑2
输入:http://www.stackoverflow.com
天真的方法:$url = str_replace ("http", "https", $input);
preampring curl:使用 HTTP
$ch = curl_init ($url);
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_VERBOSE, 0);
curl_setopt ($ch, CURLOPT_HEADER, 1); // i want to read header response from server
curl_setopt ($ch, CURLOPT_CUSTOMREQUEST, 'HEAD'); // my request is HEAD
curl_setopt ($ch, CURLOPT_NOBODY, true); // i don't need to get body response : it is better for me and for the remote server
curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, true); // to follow the location when http response is 301
curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, 10); // if ssl is not enabled, my connection can take a lot of time so i will wait only for 10 seconds otherwise SSL is not enabled : you can enhance this value
curl_exec ( $ch ) ;
$header = curl_getinfo($ch, CURLINFO_HEADER_OUT);
var_dump ($header_size);
结果是:(我得到2个http响应,你应该拿最后一个)
* About to connect() to proxy XXX.YYY.ZZZ.AAA port N (#0)
* Trying XXX.YYY.ZZZ.AAA... * connected
* Connected to XXX.YYY.ZZZ.AAA (XXX.YYY.ZZZ.AAA) port N (#0)
* ******************************************
> HEAD http://www.stackoverflow.com HTTP/1.1
* ******************************************
Host: www.stackoverflow.com
Pragma: no-cache
Accept: */*
Proxy-Connection: Keep-Alive
< HTTP/1.0 301 Moved Permanently
< Content-Length: 148
< Content-Type: text/html; charset=UTF-8
< Location: http://stackoverflow.com/
< Date: Wed, 13 May 2015 11:01:07 GMT
* ******************************************
* ******************************************
* ******************************************
* ******************************************
< Proxy-Connection: keep-alive
* Connection #0 to host XXX.YYY.ZZZ.AAA left intact
* Issue another request to this URL: 'http://stackoverflow.com/'
* Examining connection #0 for reuse
* Re-using existing connection! (#0) with host XXX.YYY.ZZZ.AAA
* Connected to XXX.YYY.ZZZ.AAA (XXX.YYY.ZZZ.AAA) port N (#0)
* ******************************************
> HEAD http://stackoverflow.com/ HTTP/1.1
* ******************************************
Host: stackoverflow.com
Pragma: no-cache
Accept: */*
Proxy-Connection: Keep-Alive
< HTTP/1.0 200 OK
< Cache-Control: public, no-cache="Set-Cookie", max-age=52
< Content-Length: 238748
< Content-Type: text/html; charset=utf-8
< Expires: Wed, 13 May 2015 11:02:01 GMT
< Last-Modified: Wed, 13 May 2015 11:01:01 GMT
< Vary: *
< X-Frame-Options: SAMEORIGIN
* ******************************************
< Set-Cookie: prov=bb4ad145-d7ed-4d40-8e02-43976c589c10; domain=.stackoverflow.com; expires=Fri, 01-Jan-2055 00:00:00 GMT; path=/; HttpOnly
< Date: Wed, 13 May 2015 11:01:08 GMT
* ******************************************
* ******************************************
* ******************************************
* ******************************************
< Proxy-Connection: keep-alive
* Connection #0 to host XXX.YYY.ZZZ.AAA left intact
* Closing connection #0
标头响应: HTTPS (stackoverflow在端口443上没有SLL)
* About to connect() to www.stackoverflow.com port 443 (#0)
* Trying 198.252.206.16... * Timeout
* connect() timed out!
* Closing connection #0
注意:您必须在 php.ini 文件中启用 php_curl.dll 并重新启动服务器
答案 1 :(得分:2)
有多种方法可以做到这一点。第一个是最简单的,只是尝试使用HTTPS协议从指定的URL检索数据(例如,使用file_get_contents())。你有一个超时?这很可能意味着不支持SSL / TLS。
另一个是打开一个套接字到443端口。获取超时?同样,这很可能意味着不支持安全连接。
另一种为您提供更多信息的方法是shell调用OpenSSL(openssl s_client -connect example.com:443)之类的东西。但这是更多的工作,并不总是允许,更容易出错,你需要自己解析结果。
第一个解决方案的一个未经测试的(当前没有可用的服务器)并且很可能没有完全正常工作(我在几年内没有写过一行PHP)示例:
<?php
error_reporting(E_ALL);
$hasSsl = false;
if ($_SERVER["REQUEST_METHOD"] == "post")
{
// I hate error suppressing, but it's just a quick 'n dirty example!
$data = @file_get_contents($_POST["url"]);
$hasSsl = (strlen($data) != 0);
}
// Do something with $hasSsl
?>
<!doctype HTML>
<body>
<form method="post">
<p>
<input type="uri" name="url">
<input type="submit">
</p>
</form>
</body>
答案 2 :(得分:2)
读取Curl响应返回的标题信息
对于curl库及其curl函数,请浏览http://php.net/manual/en/book.curl.php
答案 3 :(得分:1)
https://stackoverflow.com/a/21848415/524743
使用扩展加载检查!
http://php.net/manual/en/function.extension-loaded.php
if(!extension_loaded('openssl')) {
throw new Exception('This app needs the Open SSL PHP extension.');
}
或那个https://stackoverflow.com/a/7304205/524743
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off') {
// SSL connection
}