I am trying to develop an sslchecker.com analog for testing purposes.
I would like to understand few moments:
In results we can see "Resolves to" and "hostname". Is "Resolves to" a domain name, for which certificate is signed?
What is "hostname" in this case? It is not a form's value, because I see "Doesn't match" all the time. What should to be there?
How I can to detect with PHP functions of openssl or with pure openssl in terminal this:
3.1 "Resolves to" (to what domain it al is signed)
3.2 "hostname" (based on what is it from 2 question)
3.3 "Vendor signed" (yes or no. Yes - if we have "Issued by" values?)
3.4 PHP openssl functions gives to me chains without last Root certificate, why? How I can to take Root Certificate?
3.5 How I can to connect to one of certificate in chain with ssl protocol? What domain I should to use and port, how I can to detect it, is it possible?
3.6 How I can check domain of chain's certificates and to be sure, that certificates in chain are valid for this domains?
Sorry, if questions are not correct because of my bad english or bad SSL understanding. Also, what I can to read about? May be you can to recommend some video or short article instead of wiki?
For those, who don't want to use sslchecker.com, some screenshots from the website for better understanding
One more screenshot - it is a chain part from sslchecker.com
>>62021448
and my php functions of openssl return only first 3 certificates, without the root one. Why? How Can I take it too?
just one more picture for high attention of cool developers and professional linux users with berd and dirty pants! *it is a joke, of course*
Have a bump fellow knowledge seeker
>>62021799
thanks
>>62021396
i think you're confusing an A record (resolves to) and a PTR record (resolves from, or, hostname)
>>62022660
So it all is out of SSL data?
I need to check it from DNS records?