Download the PHP package stayallive/certificate-chain-resolver without Composer

On this page you can find all versions of the php package stayallive/certificate-chain-resolver. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of stayallive/certificate-chain-resolver

Informations about the package certificate-chain-resolver

Certificate Chain Resolver

Latest Version Build Status Total Downloads

Resolve a certificate chain with a simple to use interface.

A hosted version using this package can be found here: chief.tools/certificate-chain-resolver.

Installation

Usage

You can use Resolver::fetchForCertificate to retrieve the full PEM encoded chain as a string.

You can use Certificate::loadFromPathOrUrl to retrieve a Certificate instance you need for constructing a Resolver instance.

The certificate is fetched using file_get_contents so any path or URL that is supported by file_get_contents should work.

The Certificate can be in multiple formats and encodings, currently supported: PEM, DER and PKCS7, they are all normalized to PEM encoding.

If you need the chain without the original certificate or want to get an array of Certificate instances representing the chain you can use the Resolver class directly:

There are 2 possible exceptions that are thrown while retrieving the certificate or it's chain, they both extend ResolverException:

Background: the trust chain

All operating systems contain a set of default trusted root certificates. But Certificate Authorities usually don't use their root certificate to sign customer certificates. Instead of they use so called intermediate certificates, because they can be rotated more frequently.

A certificate can contain a special Authority Information Access extension (RFC-3280) with URL to issuer's certificate. Most browsers can use the AIA extension to download missing intermediate certificate to complete the certificate chain. This is the exact meaning of the Extra download message. But some clients, mostly mobile browsers, don't support this extension, so they report such certificate as untrusted.

This results in 'untrusted'-warnings since the browser thinks you are on an insecure connection.

A server should always send a complete chain, which means concatenated all certificates from the certificate to the trusted root certificate (exclusive, in this order), to prevent such issues. So when installing a SSL certificate on a server you should install all intermediate certificates as well. You should be able to fetch intermediate certificates from the issuer and concat them together by yourself.

This package helps you automatize that boring task by looping over certificate's AIA extension field and returning the full chain to you.

Credits

This package was originally created as a fork of ssl-certificate-chain-resolver written by Spatie which was inspired by cert-chain-resolver written by Jan Žák. Some text, mainly the background about the trust chain, was copied from the readme of his repo.

Security Vulnerabilities

If you discover a security vulnerability within this package, please send an e-mail to Alex Bouma at [email protected]. All security vulnerabilities will be swiftly addressed.

License

This package is open-sourced software licensed under the MIT license.

All versions of certificate-chain-resolver with dependencies

PHP Build Version
Package Version
Requires php Version ^8.0
phpseclib/phpseclib Version ^3.0.13
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package stayallive/certificate-chain-resolver contains the following files

Loading the files please wait ....