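/**
 * Parse a certificate into a ParsedCertificate value object.
 *
 * Every field is read straight from openssl_x509_parse(). Nothing here checks
 * the signature, the chain or the validity window, so the returned values
 * describe what the certificate claims and are not a trust decision.
 *
 * @param Certificate $certificate
 *
 * @return ParsedCertificate
 *
 * @throws CertificateParsingException when OpenSSL cannot parse the PEM or a
 *                                     required field is missing
 */
public function parse(Certificate $certificate)
{
    $rawData = openssl_x509_parse($certificate->getPEM());

    if (!is_array($rawData)) {
        throw new CertificateParsingException(sprintf('Fail to parse certificate with error: %s', openssl_error_string()));
    }

    // NOTE(review): isset() only proves the CN is present. OpenSSL can report
    // an attribute that occurs more than once in a name as an array instead of
    // a string; confirm ParsedCertificate handles that.
    foreach (['subject', 'issuer'] as $name) {
        if (!isset($rawData[$name]['CN'])) {
            throw new CertificateParsingException(sprintf('Missing expected key "%s.cn" in certificate', $name));
        }
    }

    foreach (['serialNumber', 'validFrom_time_t', 'validTo_time_t'] as $key) {
        if (!isset($rawData[$key])) {
            throw new CertificateParsingException(sprintf('Missing expected key "%s" in certificate', $key));
        }
    }

    // Collect the value part of each "type:value" SAN entry. Appending with
    // [] keeps the result a contiguous list; the previous array_filter() call
    // preserved keys, so a skipped fragment left a gap in the indexes.
    //
    // Caveats for callers that match names against this list:
    //  - the type prefix before the first ':' is discarded, so an entry of one
    //    type cannot be told apart from another type carrying the same text;
    //  - the extension string is split on ',', so a value that itself contains
    //    a comma is truncated and its remainder is dropped or misread.
    $subjectAlternativeName = [];
    if (isset($rawData['extensions']['subjectAltName'])) {
        foreach (explode(',', $rawData['extensions']['subjectAltName']) as $entry) {
            if (false === strpos($entry, ':')) {
                continue;
            }

            $subjectAlternativeName[] = explode(':', trim($entry), 2)[1];
        }
    }

    return new ParsedCertificate(
        $certificate,
        $rawData['subject']['CN'],
        $rawData['issuer']['CN'],
        // Name comparison only: equal subject and issuer means "self-issued".
        // The signature is not verified here, so this flag must not be read
        // as proof that the certificate is self-signed.
        $rawData['subject'] === $rawData['issuer'],
        new \DateTime('@' . $rawData['validFrom_time_t']),
        new \DateTime('@' . $rawData['validTo_time_t']),
        $rawData['serialNumber'],
        $subjectAlternativeName
    );
}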