
How to check server certificate validity

Subject:How to check server certificate validity
Summary:How to check server certificate validity
Messages:5
Author:Nicola Mosca
Date:2007-03-19 13:57:43
Update:2007-03-21 19:59:03
 

  1. How to check server certificate validity
Nicola Mosca - 2007-03-19 13:57:44
Is it possible to edit httpclass to check the SERVER certificate validity?

I'm taking a look at www.php.net/openssl, but how can I retrieve the server certificate to check it?

Can I retrieve it from a socket?

Thanks in advance

  2. Re: How to check server certificate validity
Manuel Lemos - 2007-03-19 14:16:45 - In reply to message 1 from Nicola Mosca
Good question. I am not sure, but I don't think there is a way to enforce remote certificate validity when using fsockopen.

You can do that when using curl functions. If it is important for you, I can force using curl functions when certificate validation is required.

  3. Re: How to check server certificate validity
Nicola Mosca - 2007-03-20 07:43:14 - In reply to message 2 from Manuel Lemos
If you want, I can try to edit your class and then send you my changes...

If I've understood correctly, I have to set up a certification authority for curl and then tell curl not to establish connections with peers that aren't correctly certified, is that correct?

  4. Re: How to check server certificate validity
Nicola Mosca - 2007-03-21 19:20:52 - In reply to message 3 from Nicola Mosca
Here are my changes, in the method Open near line 500:

if(IsSet($arguments["SSLCaInfo"])){
    curl_setopt($this->connection, CURLOPT_SSL_VERIFYPEER, TRUE);
    curl_setopt($this->connection, CURLOPT_CAINFO, $arguments["SSLCaInfo"]);
}

if(IsSet($arguments["SSLCaPath"])){
    curl_setopt($this->connection, CURLOPT_SSL_VERIFYPEER, TRUE);
    curl_setopt($this->connection, CURLOPT_CAPATH, $arguments["SSLCaPath"]);
}

It checks the certificate, but it doesn't abort the connection... this is the debug output:

* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.

Why is it continuing anyway?
How can I force curl to abort the connection if the SSL certificate verify result isn't certified?


  5. Re: How to check server certificate validity
Manuel Lemos - 2007-03-21 19:59:03 - In reply to message 4 from Nicola Mosca
I suspect that you just need to specify to verify peer. Curl can only verify a peer if it has a certificate of the certification authority that issued the remote site certificate.

As for continuing the request anyway, that is silly. Maybe there is an option to make it abort the request in that case.
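
An added example, not part of the thread or of the HTTP client class: one way to make a PHP curl transfer fail closed when the server certificate cannot be verified. The helper name fetch_verified() is hypothetical; the "SSLCaInfo" and "SSLCaPath" keys mirror the argument names used in message 4.

```php
<?php
// Added example (not the class's own code). fetch_verified() is a
// hypothetical helper; "SSLCaInfo"/"SSLCaPath" mirror the thread's arguments.
function fetch_verified(string $url, array $arguments = []): string
{
    $ch = curl_init($url);
    if ($ch === false) {
        throw new RuntimeException("curl_init failed");
    }
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    // Refuse anything but HTTPS so an http:// URL cannot skip verification.
    curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTPS);
    // Verify the certificate chain and that the certificate names this host.
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);

    if (isset($arguments["SSLCaInfo"])) {
        // Treat an unreadable CA bundle as a hard error, not a silent fallback.
        if (!is_readable($arguments["SSLCaInfo"])) {
            throw new RuntimeException("CA bundle not readable");
        }
        curl_setopt($ch, CURLOPT_CAINFO, $arguments["SSLCaInfo"]);
    }
    if (isset($arguments["SSLCaPath"])) {
        if (!is_dir($arguments["SSLCaPath"])) {
            throw new RuntimeException("CA directory not found");
        }
        curl_setopt($ch, CURLOPT_CAPATH, $arguments["SSLCaPath"]);
    }

    $body   = curl_exec($ch);
    $errno  = curl_errno($ch);
    $error  = curl_error($ch);
    // 0 means the TLS library accepted the chain; non-zero is its error code.
    $verify = curl_getinfo($ch, CURLINFO_SSL_VERIFYRESULT);

    // Fail closed: return nothing from a transfer that curl reported as failed.
    if ($body === false || $errno !== 0 || $verify !== 0) {
        throw new RuntimeException(
            "TLS/transfer failure (curl errno $errno, verify result $verify): $error"
        );
    }
    return $body;
}

// Usage from the command line: php fetch.php <https-url> <ca-bundle.pem>
if (PHP_SAPI === 'cli' && isset($argv[1], $argv[2])) {
    echo strlen(fetch_verified($argv[1], ["SSLCaInfo" => $argv[2]])), " bytes\n";
}
```

The caller never sees a response body unless curl_exec() succeeded and the reported verify result is 0, so a certificate problem surfaces as an exception rather than a debug line.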