Reputation: 59
How to get the list of cipher suits offered by my client?
I am trying to get the list of Cipher Suits offered by my clients when visiting my PHP web page.
I tried checking $_SERVER['SSL_CLIENT_CERT'] or $_SERVER['SSL_CLIENT_CERT_CHAIN_0'], but I am getting the following error
Warning: Undefined array key "SSL_CLIENT_CERT" ..
My webserver is Apache (XAMPP). It seems that the super global variable $_SERVER is not populated with this information. Any idea on how can I get it?
Note: $_SERVER['HTTPS'] is 'on'
Upvotes: 1
Views: 2010
Answers (1)
Reputation: 690
To obtain a list of available cipher methods for your server, use function openssl_get_cipher_methods(). This, however, will not provide you with a list of the cipher suites supported by the client during a specific connection.
To determine the cipher used by the client, inspect the SSL/TLS handshake. Connect to a web server using the command openssl s_client -connect hostname:port to view the details of the handshake, including the negotiated cipher suite or use mod ssl or another Apache module to log the SSL/TLS information in the logs, which will include the negotiated cipher.
$_SERVER is a superglobal variable and its populated based on the configuration of the web server.
Upvotes: 1
Related Questions
- DPDK failed to configure eth device with err No: -22, tx_queues is greater than one (Ethdev port_id=0 nb_tx_queues=2 > 1)
- DPDK cannot detect ethernet ports
- DPDK: Problem with Rx offloads capabilities
- NIC is unavailable in DPDK application
- Unable to bind intel NIC X710
- DPDK: Enable jumbo frames on X710 NIC card
- DPDK 18.11 HW checksum support for X722 NIC?
- Where is dpdk file rte_build_config.h?
- X710 (i40e) NIC DPDK bind Error in centos 7.3
- How can I get dpdk to recognize a NIC virtualized by Linux?