# PHP SSL context options

## Introduction

List of Context options for ssl:// and tls:// transports.

peer_name Peer name to be used. If this value is not set, then the name is guessed based on the hostname used when opening the stream. Require verification of SSL certificate used. Defaults to TRUE. Require verification of peer name. Defaults to TRUE. Allow self-signed certificates. Requires verify_peer. Defaults to FALSE Location of Certificate Authority file on local filesystem to be used to authenticate identity of remote peer. must be a correctly hashed certificate directory. Path to local certificate file on filesystem. Path to local private key file on filesystem in case of separate files for certificate and private key. Passphrase with which your local_cert file was encoded. Common Name we are expecting. If the Common Name does not match, connection attempt will fail. Abort if the certificate chain is too deep. Sets the list of available ciphers. The format of the string is described in » ciphers(1). If set to TRUE a peer_certificate context option will be created containing the peer certificate. If set to TRUE a peer_certificate_chain context option will be created containing the certificate chain. If set to TRUE server name indication will be enabled. If set, this value will be used as server name for server name indication. Otherwise server name is guessed based on the hostname used If set, disable TLS compression. Aborts when the remote certificate digest doesn't match the specified hash. Sets the security level. If not specified,default security level is used. Available as of PHP 7.2.0 and OpenSSL 1.1.0.

## Example

This example shows SSL context settings.

\$stream_context = stream_context_create([ 'ssl' => [
'local_cert' => '/path/to/key.pem',
'peer_fingerprint' => openssl_x509_fingerprint(file_get_contents('/path/to/key.crt')),
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true,
'verify_depth' => 0 ]]);

Advertisements