public function getServerCertificate()
{
if (!$this->_connection) {
$this->connect();
}
$x509Command = new sspmod_janus_OpenSsl_Command_X509();
$x509Command->execute($this->_connection->getOutput());
$pem = $x509Command->getOutput();
return new sspmod_janus_OpenSsl_Certificate($pem);
}
public static function createFromCertificateIssuerUrl(sspmod_janus_OpenSsl_Certificate $certificate, sspmod_janus_OpenSsl_Certificate_Chain $chain = null)
{
if (!$chain) {
$chain = new sspmod_janus_OpenSsl_Certificate_Chain();
}
$chain->addCertificate($certificate);
// Self signed?
if ($certificate->isSelfSigned()) {
return $chain;
}
// Root CA, add it and stop building
if (isset(self::$s_rootCertificates[$certificate->getIssuerDn()])) {
$chain->addCertificate(self::$s_rootCertificates[$certificate->getIssuerDn()]);
return $chain;
}
/**
* Get the certificate for the issuer of this certificate
*/
$issuerUrls = $certificate->getCertificateAuthorityIssuerUrls();
if (empty($issuerUrls)) {
throw new sspmod_janus_OpenSsl_Certificate_Chain_Exception_BuildingFailedIssuerUrlNotFound("Unable to get issuer certificate?");
}
foreach ($issuerUrls as $issuerUrl) {
$issuerCertificate = file_get_contents($issuerUrl);
if (!$issuerCertificate || trim($issuerCertificate) === "") {
// @todo Unable to get the issuer certificate... log this somewhere?
// For now we silently just use the next issuer url
continue;
}
// Not a PEM certificate? Probably a DER certificate, transform
if (strpos($issuerCertificate, '-----BEGIN CERTIFICATE-----') === false) {
$x509Command = new sspmod_janus_OpenSsl_Command_X509();
$x509Command->setInForm(sspmod_janus_OpenSsl_Command_X509::FORM_DER);
$x509Command->execute($issuerCertificate)->getOutput();
$issuerCertificate = $x509Command->getOutput();
}
$issuerCertificate = new sspmod_janus_OpenSsl_Certificate($issuerCertificate);
return self::createFromCertificateIssuerUrl($issuerCertificate, $chain);
}
throw new sspmod_janus_OpenSsl_Certificate_Chain_Exception_BuildingFailedIssuerUrlNotFound("Unable to get issuer certificate?");
}