###SSL context option
- peer_fingerprint: string|array
Aborts when the certificate fingerprint doesn't match the given hash. The behaviour depends on the variable type:
- when a string is passed, depending on the length MD5 (32) or SHA1 (40) will be used as the hashing algorithm.
- when an array is passed, the key determines the algorithm (e.g. "sha256") and the corresponding value is used to compare against.
For example:
'peer_fingerprint' => '12341234abcdefab12341234abcdefab' // MD5 hash used
Or:
'peer_fingerprint' => ['sha256' => '12341234abcdefab12341234abcdefab...'] // SHA256 hash used
###Function
openssl_x509_fingerprint(mixed $x509 [, string $algorithm = 'sha1' [, bool $raw_output = false ]])
Description: Calculates the fingerprint, or digest, of a given X.509 certificate.
Arguments:
x509 The examined certificate
algorithm The hash algorithm to use, e.g. "md5" or "sha1"
raw_output When set to TRUE, outputs raw binary data. FALSE outputs lowercase hexits.
Return values:
Returns a string containing the calculated certificate fingerprint as lowercase hexits unless raw_output is set to true in which case the raw binary representation of the message digest is returned.
Returns FALSE on failure.