PKI Tutorials - Herong's Tutorial Examples - v2.32, by Herong Yang
Testing OpenSSL with fsockopen()
This section provides a tutorial example on how to test the PHP OpenSSL module with the fsockopen() function, which allows you to open a socket connection to a remote computer with the regular TCP protocol or the secure TLS protocol.
So far, I have only tested OpenSSL functionalities with the HTTPS protocol. But the OpenSSL module also supports other SSL or TLS protocols.
The fsockopen() function allows you to open a socket connection to a remote computer with the regular TCP protocol or the secure TLS protocol.
Here is another tutorial example that uses the fsockopen() function:
<?php # OpenSSL_fsockopen.php #- Copyright (c) 2010-2018 HerongYang.com. All Rights Reserved. # $script = array_shift($argv); $url = array_shift($argv); $port = array_shift($argv); $timeout = 5; # in seconds $handle = fsockopen($url, $port, $errno, $errmsg, $timeout); print(fgets($handle)."\n"); ?>
1. Run this example code to the SSH port 22 on a local network computer. Regular TCP protocol is used.
herong$ php OpenSSL_fsockopen.php tcp://192.168.1.100 22 SSH-2.0-OpenSSH_8.0
2. Run this example code to the SMTP port 25 on a local network computer. Regular TCP protocol is used.
herong$ php OpenSSL_fsockopen.php tcp://192.168.1.100 25 220 mail.herong.home ESMTP Postfix
3. Run this example code to the FTP port 21 on a local network computer. It fails, because the remote computer is not serving that port.
herong$ php OpenSSL_fsockopen.php tcp://192.168.1.100 21 PHP Warning: fsockopen(): unable to connect to tcp://192.168.1.100:21 (Connection refused)
4. Run this example code to the SMTPS port 465 on Yahoo mail server. Secure TLS protocol is needed.
herong$ php OpenSSL_fsockopen.php tls://smtp.mail.yahoo.com 465 220 smtp.mail.yahoo.com ESMTP ready
5. Run this example code to the SMTPS port 465 on Yahoo mail server, using the regular TCP protocol. It fails, because the mail server expects the TLS handshaking.
herong$ php OpenSSL_fsockopen.php tcp://smtp.mail.yahoo.com 465 Z
6. Run this example code to the SMTPS port 465 on a local network computer. It fails, because the PHP engine is not able validate the server's certificate.
herong$ php OpenSSL_fsockopen.php tls://192.168.1.100 465
PHP Warning: fsockopen(): SSL operation failed with code 1.
OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:
certificate verify failed in OpenSSL_TLS_fsockopen.php on line 16
If the remote computer uses a self-signed certificate, you need to download that certificate to your Mac computer, and provide it the PHP engine as a trusted CA certificate. See the next tutorial.
Table of Contents
Introduction of PKI (Public Key Infrastructure)
Introduction of HTTPS (Hypertext Transfer Protocol Secure)
Using HTTPS with Google Chrome
Using HTTPS with Mozilla Firefox
HTTPS with IE (Internet Explorer)
Android and Server Certificate
Windows Certificate Stores and Console
RDP (Remote Desktop Protocol) and Server Certificate
macOS Certificate Stores and Keychain Access
Perl Scripts Communicating with HTTPS Servers
►PHP Scripts Communicating with HTTPS Servers
Configuring PHP OpenSSL on Windows
Testing OpenSSL with file_get_contents()
SSL Context Options for OpenSSL
Asking OpenSSL to Verify Server's Certificate
OpenSSL Failing to Verify Server's Certificate
Multiple CA Certificates in a Single File
►Testing OpenSSL with fsockopen()
Adding CA Certificates for the PHP Engine
Testing OpenSSL with stream_socket_client()
Java Programs Communicating with HTTPS Servers
.NET Programs Communicating with HTTPS Servers
CAcert.org - Root CA Offering Free Certificates
PKI CA Administration - Issuing Certificates
Comodo Free Personal Certificate
Digital Signature - Microsoft Word
Digital Signature - OpenOffice.org 3