PHP Extension
PHP Extension
Find Certificate by Email Address
See more Cert Store Examples
Demonstrates how to find a certificate having the specified email address either within the cert's subject email, or the RFC822 name.In an X.509 certificate, an email address can typically be located in two places:
- RFC822 Name (Subject Alternative Name extension) -
- The certificate may include an email address in the Subject Alternative Name (SAN) extension under the RFC822 Name field. This is a modern and preferred method because it allows for flexibility and alignment with security best practices.
- To find it, Chilkat inspects the SAN extension in the certificate details.
- Subject (Common Name or Email Address attribute) -
- Older certificates may store the email address directly in the Subject field, typically under the Email Address attribute ("emailAddress") or, less commonly, the Common Name (CN).
- This method is less preferred in modern standards but can still be encountered in legacy implementations. Chilkat also searches here for the email address.
Note: Requires Chilkat v10.1.2 or later.
Chilkat PHP Extension Downloads
<?php
include("chilkat.php");
$success = false;
$certStore = new CkCertStore();
// This opens the Current User certificate store on Windows,
// On MacOS and iOS it opens the default Keychain.
$readOnly = false;
$success = $certStore->OpenCurrentUserStore($readOnly);
if ($success == false) {
print $certStore->lastErrorText() . "\n";
exit;
}
// Find the certificate having the specified email address in either the RFC822 Name or in the Subject.
$json = new CkJsonObject();
$email_address = 'joe@example.com';
$json->UpdateString('email',$email_address);
$cert = new CkCert();
$success = $certStore->FindCert($json,$cert);
if ($success == true) {
// Show the full distinguished name of the certificate.
print 'Found: ' . $cert->subjectDN() . "\n";
}
else {
print 'Not found.' . "\n";
}
?>