{"id":6029,"date":"2018-09-10T19:51:15","date_gmt":"2018-09-10T11:51:15","guid":{"rendered":"http:\/\/4563.org\/?p=6029"},"modified":"2018-09-26T09:53:33","modified_gmt":"2018-09-26T01:53:33","slug":"%e5%ae%9a%e6%97%b6%e6%a3%80%e6%b5%8bssl%e8%af%81%e4%b9%a6%e8%bf%87%e6%9c%9f%e6%83%85%e5%86%b5%e5%b9%b6%e5%8f%91%e9%80%81%e9%80%9a%e7%9f%a5","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=6029","title":{"rendered":"\u5b9a\u65f6\u68c0\u6d4bSSL\u8bc1\u4e66\u8fc7\u671f\u60c5\u51b5\u5e76\u53d1\u9001\u901a\u77e5"},"content":{"rendered":"<div class=\"single-content\">\n<p>Let\u2019s Encrypt\u514d\u8d39\u8bc1\u4e66\u53ea\u67093\u4e2a\u6708\u6709\u6548\u671f\uff0c\u5230\u671f\u9700\u8981\u7eed\u7b7e\u3002<\/p>\n<p>\u867d\u7136\u50cf\u5b9d\u5854\u4e00\u6837\u7684\u9762\u677f\u5728\u7533\u8bf7\u8bc1\u4e66\u540e\u4f1a\u81ea\u52a8\u6dfb\u52a0crontab\u4efb\u52a1\uff0c\u81ea\u52a8\u7eed\u7b7e\u3002\u4f46\u662f\u6709\u65f6\u5019\u9700\u8981\u624b\u52a8\u53bb\u68c0\u6d4b\u8bc1\u4e66\u8fc7\u671f\u60c5\u51b5\uff0c\u4ee5\u514d\u8fc7\u671f\u4e86\u8fd8\u4e0d\u77e5\u9053\u3002<\/p>\n<p>\u4e8e\u662f\u5c31\u60f3\u7740\u901a\u8fc7PHP\u6765\u68c0\u6d4b\u8bc1\u4e66\u7684\u8fc7\u671f\u65f6\u95f4\uff0c\u7136\u540e\u53d1\u9001\u65b9\u7cd6\u901a\u77e5\u3002<\/p>\n<p><img decoding=\"async\" loading=\"lazy\" class=\"alignnone size-full wp-image-6748\" src=\"https:\/\/4563.org\/wp-content\/uploads\/2018\/09\/20180926_015326.png\" alt=\"\" width=\"504\" height=\"353\" \/><\/p>\n<h2>\u6838\u5fc3<\/h2>\n<p>\u901a\u8fc7PHP\u91cc\u7684Streams\u6269\u5c55\u529f\u80fd\uff08stream_context_create\u3001stream_socket_client\u7b49\uff09\u51fd\u6570\u521b\u5efa\u5e76\u8fd4\u56de\u4e00\u4e2a\u8d44\u6e90\u6d41\uff0c\u7136\u540e\u901a\u8fc7openssl_x509_parse\u51fd\u6570\u89e3\u6790\u8bc1\u4e66\u4fe1\u606f<\/p>\n<p>stream_context_create\u51fd\u6570\u8be6\u89e3\uff1a<a href=\"http:\/\/www.php.net\/manual\/zh\/book.stream.php\" target=\"_blank\" rel=\"noopener\">http:\/\/www.php.net\/manual\/zh\/book.stream.php<\/a><\/p>\n<h2>\u4ee3\u7801<\/h2>\n<p>\u4e0b\u8f7d\uff1a<a href=\"http:\/\/4563.org\/wp-content\/uploads\/2018\/09\/certcheck.zip\">certcheck<\/a><\/p>\n<pre class=\"lazy pure-highlightjs\"><code class=\"lazy php hljs\"><span class=\"hljs-meta\">&lt;?php<\/span>\r\n\r\n<span class=\"hljs-comment\">\/\/\u9700\u8981\u68c0\u67e5\u7684\u57df\u540d\u6570\u7ec4<\/span>\r\n$domains = <span class=\"hljs-keyword\">array<\/span>(\r\n\t<span class=\"hljs-string\">\"bugxia.com\"<\/span>,\r\n\t<span class=\"hljs-string\">\"baidu.com\"<\/span>\r\n);\r\n\r\n<span class=\"hljs-keyword\">foreach<\/span>($domains <span class=\"hljs-keyword\">as<\/span> $domain){\r\n\t$result = check($domain);\r\n\t<span class=\"hljs-keyword\">echo<\/span> $domain.<span class=\"hljs-string\">\" ---- \"<\/span>.$result.<span class=\"hljs-string\">\"&lt;br&gt;\"<\/span>;\r\n}\r\n\r\n\r\n<span class=\"hljs-comment\">\/\/\u68c0\u6d4b\u8bc1\u4e66\u4fe1\u606f<\/span>\r\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">function<\/span> <span class=\"hljs-title\">check<\/span><span class=\"hljs-params\">($domain)<\/span><\/span>{\r\n\t$stream_option = <span class=\"hljs-keyword\">array<\/span>(\r\n\t\t<span class=\"hljs-string\">\"ssl\"<\/span> =&gt; <span class=\"hljs-keyword\">array<\/span>(\r\n\t\t\t<span class=\"hljs-string\">\"capture_peer_cert_chain\"<\/span> =&gt; <span class=\"hljs-keyword\">true<\/span>\r\n\t\t)\r\n\t);\r\n\t$stream = stream_context_create($stream_option); \r\n\t$stream_client = stream_socket_client(<span class=\"hljs-string\">\"ssl:\/\/\"<\/span>.$domain.<span class=\"hljs-string\">\":443\"<\/span>, $errno, $errstr, <span class=\"hljs-number\">20<\/span>, STREAM_CLIENT_CONNECT, $stream);\r\n\t<span class=\"hljs-keyword\">if<\/span>(!$stream_client){\r\n\t\t<span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-string\">\"\u53d1\u751f\u9519\u8bef\uff0c\u9519\u8bef\u4ee3\u7801\uff1a\"<\/span>.$errno;\r\n\t}\r\n\t$stream_info = stream_context_get_params($stream_client);\r\n\tstream_socket_shutdown($stream_client, STREAM_SHUT_WR);\r\n\t\r\n\t<span class=\"hljs-keyword\">foreach<\/span> ($stream_info[<span class=\"hljs-string\">\"options\"<\/span>][<span class=\"hljs-string\">\"ssl\"<\/span>][<span class=\"hljs-string\">\"peer_certificate_chain\"<\/span>] <span class=\"hljs-keyword\">as<\/span> $cert) {\r\n\t\t$cerInfo = openssl_x509_parse($cert);\r\n\t\t<span class=\"hljs-keyword\">if<\/span>(strstr($cerInfo[<span class=\"hljs-string\">\"extensions\"<\/span>][<span class=\"hljs-string\">\"subjectAltName\"<\/span>],<span class=\"hljs-string\">\"DNS:\"<\/span>.$domain) != <span class=\"hljs-keyword\">false<\/span>){\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> expireLeft($cerInfo[<span class=\"hljs-string\">'validTo_time_t'<\/span>]);\r\n\t\t\t<span class=\"hljs-keyword\">if<\/span>($cerInfo[<span class=\"hljs-string\">'validTo_time_t'<\/span>] - time() &lt; <span class=\"hljs-number\">86400<\/span>){\r\n\t\t\t\tsendFTQQ($domain);\r\n\t\t\t}\r\n\t\t}<span class=\"hljs-keyword\">else<\/span>{\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-string\">\"\u672a\u53d1\u73b0\u8be5\u8bc1\u4e66\u5bf9\u5e94\u7684\u57df\u540d\uff1a\"<\/span>.$cerInfo[<span class=\"hljs-string\">\"extensions\"<\/span>][<span class=\"hljs-string\">\"subjectAltName\"<\/span>];\r\n\t\t}\r\n\t}\r\n}\r\n\r\n<span class=\"hljs-comment\">\/\/\u8bc1\u4e66\u5230\u671f\u65f6\u95f4\u683c\u5f0f\u5316<\/span>\r\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">function<\/span> <span class=\"hljs-title\">expireLeft<\/span><span class=\"hljs-params\">($exp_time)<\/span><\/span>{\r\n\t$sec = $exp_time - time();\r\n\t<span class=\"hljs-keyword\">switch<\/span> ($sec)\r\n\t{\r\n\t\t<span class=\"hljs-keyword\">case<\/span> $sec&lt;<span class=\"hljs-number\">0<\/span>:\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> <span class=\"hljs-string\">\"\u5df2\u8fc7\u671f\"<\/span>;\r\n\t\t\t<span class=\"hljs-keyword\">break<\/span>;  \r\n\t\t<span class=\"hljs-keyword\">case<\/span> $sec &gt; <span class=\"hljs-number\">0<\/span> <span class=\"hljs-keyword\">and<\/span> $sec &lt; <span class=\"hljs-number\">61<\/span>:\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> $c.<span class=\"hljs-string\">\"\u79d2\"<\/span>;\r\n\t\t\t<span class=\"hljs-keyword\">break<\/span>; \r\n\t\t<span class=\"hljs-keyword\">case<\/span> $sec &lt; <span class=\"hljs-number\">3600<\/span> <span class=\"hljs-keyword\">and<\/span> $sec &gt; <span class=\"hljs-number\">60<\/span>:\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> round($c\/<span class=\"hljs-number\">60<\/span>,<span class=\"hljs-number\">0<\/span>).<span class=\"hljs-string\">\"\u5206\u949f\"<\/span>;\r\n\t\t\t<span class=\"hljs-keyword\">break<\/span>; \r\n\t\t<span class=\"hljs-keyword\">case<\/span> $sec &lt; <span class=\"hljs-number\">86401<\/span> <span class=\"hljs-keyword\">and<\/span> $sec &gt; <span class=\"hljs-number\">3600<\/span>:\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> round($c\/<span class=\"hljs-number\">3600<\/span>,<span class=\"hljs-number\">0<\/span>).<span class=\"hljs-string\">\"\u5c0f\u65f6\"<\/span>;\r\n\t\t\t<span class=\"hljs-keyword\">break<\/span>; \r\n\t\t<span class=\"hljs-keyword\">case<\/span> $sec &gt; <span class=\"hljs-number\">86400<\/span>:\r\n\t\t\t<span class=\"hljs-keyword\">return<\/span> floor($sec\/<span class=\"hljs-number\">86400<\/span>).<span class=\"hljs-string\">\"\u5929\"<\/span>;\r\n\t\t\t<span class=\"hljs-keyword\">break<\/span>; \r\n\t}\r\n}\r\n<span class=\"hljs-comment\">\/\/\u65b9\u7cd6\u901a\u77e5<\/span>\r\n<span class=\"hljs-comment\">\/\/\u7533\u8bf7\u5730\u5740\uff1ahttp:\/\/sc.ftqq.com\/3.version<\/span>\r\n<span class=\"hljs-function\"><span class=\"hljs-keyword\">function<\/span> <span class=\"hljs-title\">sendFTQQ<\/span><span class=\"hljs-params\">($domain)<\/span><\/span>{\r\n\t$SCKEY = <span class=\"hljs-string\">\"\u65b9\u7cd6KEY\"<\/span>;\r\n\t$url = <span class=\"hljs-string\">'https:\/\/sc.ftqq.com\/'<\/span>.$SCKEY.<span class=\"hljs-string\">'.send?desp='<\/span>.urlencode($domain).<span class=\"hljs-string\">'&amp;text='<\/span>.urlencode(<span class=\"hljs-string\">\"\u57df\u540d\u8bc1\u4e66\u5230\u671f\u901a\u77e5\"<\/span>);\r\n\t$ch = curl_init();\r\n\tcurl_setopt($ch, CURLOPT_URL, $url);\r\n\tcurl_setopt($ch, CURLOPT_SSL_VERIFYPEER, <span class=\"hljs-keyword\">FALSE<\/span>);\r\n\tcurl_setopt($ch, CURLOPT_SSL_VERIFYHOST, <span class=\"hljs-keyword\">FALSE<\/span>);\r\n\tcurl_setopt($ch, CURLOPT_SSLVERSION , CURL_SSLVERSION_DEFAULT);\r\n\tcurl_setopt($ch, CURLOPT_POST, <span class=\"hljs-keyword\">TRUE<\/span>);\r\n\tcurl_setopt($ch, CURLOPT_POSTFIELDS, $data);        \r\n\tcurl_setopt($ch, CURLOPT_TIMEOUT, <span class=\"hljs-number\">10<\/span>);\r\n\tcurl_setopt($ch, CURLOPT_RETURNTRANSFER, <span class=\"hljs-number\">1<\/span>);\r\n\t$result = curl_exec($ch);\r\n\tcurl_close($ch);\r\n\t<span class=\"hljs-keyword\">return<\/span>;\r\n}\r\n<span class=\"hljs-meta\">?&gt;<\/span><\/code><\/pre>\n<p>&nbsp;<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Let\u2019s Encrypt\u514d\u8d39\u8bc1\u4e66&hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/6029"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=6029"}],"version-history":[{"count":3,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/6029\/revisions"}],"predecessor-version":[{"id":6749,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/6029\/revisions\/6749"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=6029"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=6029"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=6029"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}