An SSL/TLS service for Laravel

Related tags

Security laravel-ssl
Overview

Laravel SSL

An SSL/TLS service for Laravel. Use the openssl driver it includes or create your own custom driver.

Installation

You can install the package via composer:

composer require jinomial/laravel-ssl

You can publish the config file with:

php artisan vendor:publish --provider="Jinomial\LaravelSsl\SslServiceProvider" --tag="laravel-ssl-config"

This is the contents of the published config file:

[ 'openssl' => [ 'driver' => 'openssl', ], ], ]; "> 
return [

    /*
    |--------------------------------------------------------------------------
    | Default SSL
    |--------------------------------------------------------------------------
    |
    | This option controls the default SSL driver that is used by the SSL
    | service. Alternative SSL drivers may be setup and used as needed;
    | however, this driver will be used by default.
    |
    */

    'default' => env('SSL_DRIVER', 'openssl'),

    /*
    |--------------------------------------------------------------------------
    | SSL Driver Configurations
    |--------------------------------------------------------------------------
    |
    | Here you may configure all of the SSL drivers used by your application
    | plus their respective settings. Several examples have been configured for
    | you and you are free to add your own as your application requires.
    |
    | Supported: "openssl"
    |
    */

    'drivers' => [
        'openssl' => [
            'driver' => 'openssl',
        ],
    ],

];

Usage

$response = Ssl::show('jinomial.com', 443);
print_r($response);

// Array
// (
//     [0] => Array
//         (
//             [certificate] => Array
//                 (
//                     [name] => /C=US/ST=California/L=San Francisco/O=Cloudflare, Inc./CN=sni.cloudflaressl.com
//                     [subject] => Array
//                         (
//                             [C] => US
//                             [ST] => California
//                             [L] => San Francisco
//                             [O] => Cloudflare, Inc.
//                             [CN] => sni.cloudflaressl.com
//                         )
//
//                     [hash] => c959965e
//                     [issuer] => Array
//                         (
//                             [C] => US
//                             [O] => Cloudflare, Inc.
//                             [CN] => Cloudflare Inc ECC CA-3
//                         )
//
//                     [version] => 2
//                     [serialNumber] => 7490133585878873344260773043003356172
//                     [serialNumberHex] => 05A28C18F8F74ACBCCF6A4542736740C
//                     [validFrom] => 211004000000Z
//                     [validTo] => 221003235959Z
//                     [validFrom_time_t] => 1633305600
//                     [validTo_time_t] => 1664841599
//                     [signatureTypeSN] => ecdsa-with-SHA256
//                     [signatureTypeLN] => ecdsa-with-SHA256
//                     [signatureTypeNID] => 794
//                     [purposes] => Array
//                         (
//                             [1] => Array
//                                 (
//                                     [0] => 1
//                                     [1] =>
//                                     [2] => sslclient
//                                 )
//
//                             [2] => Array
//                                 (
//                                     [0] => 1
//                                     [1] =>
//                                     [2] => sslserver
//                                 )
//
//                             [3] => Array
//                                 (
//                                     [0] =>
//                                     [1] =>
//                                     [2] => nssslserver
//                                 )
//
//                             [4] => Array
//                                 (
//                                     [0] =>
//                                     [1] =>
//                                     [2] => smimesign
//                                 )
//
//                             [5] => Array
//                                 (
//                                     [0] =>
//                                     [1] =>
//                                     [2] => smimeencrypt
//                                 )
//
//                             [6] => Array
//                                 (
//                                     [0] =>
//                                     [1] =>
//                                     [2] => crlsign
//                                 )
//
//                             [7] => Array
//                                 (
//                                     [0] => 1
//                                     [1] => 1
//                                     [2] => any
//                                 )
//
//                             [8] => Array
//                                 (
//                                     [0] => 1
//                                     [1] =>
//                                     [2] => ocsphelper
//                                 )
//
//                             [9] => Array
//                                 (
//                                     [0] =>
//                                     [1] =>
//                                     [2] => timestampsign
//                                 )
//
//                         )
//
//                     [extensions] => Array
//                         (
//                             [authorityKeyIdentifier] => keyid:A5:CE:37:EA:EB:B0:75:0E:94:67:88:B4:45:FA:D9:24:10:87:96:1F
//
//                             [subjectKeyIdentifier] => 1B:20:D1:CD:00:32:24:77:9F:F8:22:94:0F:B6:48:7F:39:B1:BE:C8
//                             [subjectAltName] => DNS:*.jinomial.com, DNS:sni.cloudflaressl.com, DNS:jinomial.com
//                             [keyUsage] => Digital Signature
//                             [extendedKeyUsage] => TLS Web Server Authentication, TLS Web Client Authentication
//                             [crlDistributionPoints] =>
// Full Name:
//   URI:http://crl3.digicert.com/CloudflareIncECCCA-3.crl
//
// Full Name:
//   URI:http://crl4.digicert.com/CloudflareIncECCCA-3.crl
//
//                             [certificatePolicies] => Policy: 2.23.140.1.2.2
//   CPS: http://www.digicert.com/CPS
//
//                             [authorityInfoAccess] => OCSP - URI:http://ocsp.digicert.com
// CA Issuers - URI:http://cacerts.digicert.com/CloudflareIncECCCA-3.crt
//
//                             [basicConstraints] => CA:FALSE
//                             [ct_precert_scts] => Signed Certificate Timestamp:
//     Version   : v1 (0x0)
//     Log ID    : 46:A5:55:EB:75:FA:91:20:30:B5:A2:89:69:F4:F3:7D:
//                 11:2C:41:74:BE:FD:49:B8:85:AB:F2:FC:70:FE:6D:47
//     Timestamp : Oct  4 22:14:44.288 2021 GMT
//     Extensions: none
//     Signature : ecdsa-with-SHA256
//                 30:45:02:20:48:67:EF:28:F6:F2:B7:C8:F5:0D:7C:3D:
//                 21:7B:D3:C9:37:4E:B2:7C:AC:70:22:9D:7F:4C:75:D1:
//                 27:97:89:9C:02:21:00:D9:44:6B:10:0B:F0:6E:2D:99:
//                 79:77:D7:C8:91:51:C5:E9:50:92:13:EE:99:80:50:FF:
//                 CB:BD:E6:87:5F:47:A6
// Signed Certificate Timestamp:
//     Version   : v1 (0x0)
//     Log ID    : 51:A3:B0:F5:FD:01:79:9C:56:6D:B8:37:78:8F:0C:A4:
//                 7A:CC:1B:27:CB:F7:9E:88:42:9A:0D:FE:D4:8B:05:E5
//     Timestamp : Oct  4 22:14:44.292 2021 GMT
//     Extensions: none
//     Signature : ecdsa-with-SHA256
//                 30:44:02:20:02:92:85:B2:A1:C6:09:18:E5:F4:48:12:
//                 32:C9:D6:FF:AE:F8:85:DC:E0:06:0D:CB:86:62:5C:E1:
//                 24:6B:F3:7D:02:20:03:20:01:0B:91:19:AD:4A:87:18:
//                 FA:5F:A3:98:13:95:CD:EC:8E:1D:63:22:EB:6A:E2:FE:
//                 33:BC:B1:D8:6C:6B
// Signed Certificate Timestamp:
//     Version   : v1 (0x0)
//     Log ID    : 41:C8:CA:B1:DF:22:46:4A:10:C6:A1:3A:09:42:87:5E:
//                 4E:31:8B:1B:03:EB:EB:4B:C7:68:F0:90:62:96:06:F6
//     Timestamp : Oct  4 22:14:44.184 2021 GMT
//     Extensions: none
//     Signature : ecdsa-with-SHA256
//                 30:46:02:21:00:C3:35:6C:A6:27:01:94:88:CF:85:C6:
//                 3D:33:06:08:DE:BB:14:61:D4:34:8C:AD:A4:24:1B:0F:
//                 FB:A7:17:13:EA:02:21:00:AE:AB:D7:C2:22:B6:FA:FE:
//                 7E:20:DA:94:44:18:41:91:DB:98:AC:EA:F8:03:36:57:
//                 D5:7C:33:4B:71:03:05:9B
//                         )
//
//                 )
//
//             [verification] => Array
//                 (
//                     [code] => 0
//                     [message] => ok
//                 )
//
//         )
//
// )

To show the certificate of a CA Issuer from an id-ad-caIssuers property:

$response = Ssl::show(
    'http://cacerts.digicert.com/CloudflareIncECCCA-3.crt',
    443,
    ['id-ad-caIssuers' => true]
);
print_r($response);

Testing

Run all tests:

composer test

Test suites are separated into "unit" and "integration". Run each suite:

composer test-unit
composer test-integration

Tests are grouped into the following groups:

  • network
  • drivers
  • openssl
  • manager
  • facades
  • commands

Run tests for groups:

composer test -- --include=manager,facades

Network tests make remote calls that can take time or fail. Exclude them:

composer test-unit -- --exclude=network

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.

You might also like...
MOFHY Lite is a priceless MyOwnFreeHost Client Area for account management, ticket support system and a free ssl service

MOFHY Lite is a priceless MyOwnFreeHost Client Area for account management, ticket support system and a free ssl service. It has easy to use features much like the WHMCS Digit UI interface.

MOFHY Developers 1 Oct 21, 2022
Laravel 8 boilerplate in docker-compose with Treafik and SSL setup and github workflow ready for CI/CD pipeline

Laravel8 boilerplate Laravel 8 boilerplate in docker-compose with Treafik and SSL setup with .github workflow ready To start the containers in prod en

Tej Dahal 5 Jul 9, 2022
Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Ryo Kobayashi 51 Dec 19, 2022
An asynchronous event driven PHP socket framework. Supports HTTP, Websocket, SSL and other custom protocols. PHP>=5.3.
An asynchronous event driven PHP socket framework. Supports HTTP, Websocket, SSL and other custom protocols. PHP=5.3.

Workerman What is it Workerman is an asynchronous event-driven PHP framework with high performance to build fast and scalable network applications. Wo

walkor 10.2k Jan 4, 2023
Sslurp is a simple library which aims to make properly dealing with SSL in PHP suck less.

Sslurp v1.0 by Evan Coury Introduction Dealing with SSL properly in PHP is a pain in the ass and completely insecure by default. Sslurp aims to make i

Evan Coury 65 Oct 14, 2022
An asynchronous event driven PHP socket framework. Supports HTTP, Websocket, SSL and other custom protocols. PHP>=5.3.
An asynchronous event driven PHP socket framework. Supports HTTP, Websocket, SSL and other custom protocols. PHP=5.3.

Workerman What is it Workerman is an asynchronous event-driven PHP framework with high performance to build fast and scalable network applications. Wo

walkor 10.2k Dec 31, 2022
A powerful and easy to configure uptime and ssl monitor
A powerful and easy to configure uptime and ssl monitor

A powerful, easy to configure uptime monitor Laravel-uptime-monitor is a powerful, easy to configure uptime monitor. It will notify you when your site

Spatie 939 Dec 30, 2022
MOFHY Lite is a free web hosting management system to manage MOFH hosting accounts and SSL certificates.

MOFHY Lite is a free of cost MOFH clientarea for account management and support services with free ssl service. It have easy to use feature

Mahtab Hassan 17 Dec 8, 2022
Plugin to diagnose/fix ClassicPress SSL issues.
Plugin to diagnose/fix ClassicPress SSL issues.

ClassicPress SSL Fix This plugin provides a way to work around the issue "cURL error 60: SSL certificate problem: certificate has expired" in ClassicP

ClassicPress Research 2 Oct 10, 2021
PHP project for tracking Azure AD App Reg secrets about to expire, and (manually) tracking SSL certificates

CertExpiry Katy Nicholson https://katystech.blog/ Setup instructions etc available at: https://katystech.blog/2021/11/certexpiry/ PHP project for trac

Katy Nicholson 5 Oct 2, 2022
MOFHY Lite is a free web hosting management system to manage MOFH hosting accounts and SSL certificates.

MOFHY Lite MOFHY LITE is a priceless MyOwnFreeHost Client Area for account management, ticket support system and a free ssl service. It has easy to us

Santiago Rodríguez 6 Dec 28, 2021
Magento2 + Varnish + PHP7 + Redis + SSL (cluster ready)

Docker Magento2: Varnish + PHP7 + Redis + SSL cluster ready docker-compose infrastructure Infrastructure overview Container 1: MariaDB Container 2: Re

Fabrizio Balliano 332 Dec 30, 2022
Mofhy is a secure, fast and responsive client area for managing MyOwnFreeHost accounts and ssl certificates.

Mofhy is an open-source MyOwnFreeHost client area for managing accounts and ssl certificates. It has easy to use features much like the WHMCS Digit UI interface

Mofhy 12 Dec 15, 2022
A laravel service provider for the netsuite-php library service

netsuite-laravel A PHP supplemental package to the ryanwinchester/netsuite-php package to add the NetSuite service client to the service container of

NetsuitePHP 6 Nov 9, 2022
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.

Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.

Sam Sanoop 416 Dec 17, 2022
Tars is a high-performance RPC framework based on name service and Tars protocol, also integrated administration platform, and implemented hosting-service via flexible schedule.

TARS - A Linux Foundation Project TARS Foundation Official Website TARS Project Official Website WeChat Group: TARS01 WeChat Offical Account: TarsClou

THE TARS FOUNDATION PROJECTS 9.6k Jan 1, 2023
SleekwareDB is a NoSQL database storage service. A database storage service that can be used for various platforms and is easy to integrate.
SleekwareDB is a NoSQL database storage service. A database storage service that can be used for various platforms and is easy to integrate.

SleekwareDB is a NoSQL database storage service. A database storage service that can be used for various platforms and is easy to integrate. NoSQL API

SleekwareDB 12 Dec 11, 2022
A simple Laravel service provider for easily using HTMLPurifier inside Laravel

HTMLPurifier for Laravel 5/6/7/8 A simple Laravel service provider for easily using HTMLPurifier inside Laravel. From their website: HTML Purifier is

MeWebStudio - Muharrem ERİN 1.7k Jan 6, 2023
An open source image hosting service powered by Laravel
An open source image hosting service powered by Laravel

Limg An open source image hosting service powered by Laravel Features Upload your image via file, url or ShareX ! Manage your image (custom title, pub

Thomas 56 Dec 16, 2022
Releases(v1.0.0-beta.1)
Owner
null
GitHub
Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Laravel Sail plugin to enable SSL (HTTPS) connection with Nginx.

Ryo Kobayashi 51 Dec 19, 2022
Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.

Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities.

Sam Sanoop 416 Dec 17, 2022
Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campbell/security-core

Laravel Security Laravel Security was created by, and is maintained by Graham Campbell, and is a voku/anti-xss wrapper for Laravel, using graham-campb

Graham Campbell 170 Nov 20, 2022
Laravel Automated Vulnerability Scanner

Todo Laravel Fingerprint Laravel Leak .env Laravel Debug Mode Laravel CVE-2018-15133 Laravel Ignition CVE-2021-3129 Insecure Deserialization with APP_

Carlos Vieira 52 Dec 4, 2022
Web Application Firewall (WAF) package for Laravel

Web Application Firewall (WAF) package for Laravel This package intends to protect your Laravel app from different type of attacks such as XSS, SQLi,

Akaunting 681 Jan 3, 2023
Replaces Laravel's built-in encryption with an encryption based on AWS KMS

Laravel Kms Encryption Introduction This package replaces Laravel's built-in encryption with an encryption based on AWS KMS. Two major features provid

Arnaud Becher 3 Oct 26, 2021
Laravel and Lumen Source Code Encrypter

Laravel Source Encrypter This package encrypts your php code with phpBolt For Laravel and Lumen 6, 7, 8 Installation Usage Installation Step 1 At the

Siavash Bamshadnia 363 Jan 1, 2023
Honeypot spam prevention for Laravel applications

Honeypot spam prevention for Laravel applications How does it work? "Honeypot" method of spam prevention is a simple and effective way to defer some o

Maksim Surguy 420 Jan 1, 2023
Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8

Laravel Encrypt Database Automatic Encrypt and Decrypt your database data. Tested and used on Laravel 8. I'm yet building the tests. Important Note th

Wellington Barbosa 2 Dec 15, 2021
php for SSL/TLS ja3 fingerprint.

php for SSL/TLS ja3 fingerprint. This project has two ideas, one is to cooperate with the web server (wkm_ja3.php), and the other is to monitor the tcpdump standard output (ja3_tcpdump.php)

null 9 Aug 26, 2022