<HTML ><HEAD ><TITLE >openssl_x509_checkpurpose</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK REL="HOME" TITLE="PHP Manual" HREF="index.html"><LINK REL="UP" TITLE="OpenSSL functions" HREF="ref.openssl.html"><LINK REL="PREVIOUS" TITLE="openssl_x509_check_private_key" HREF="function.openssl-x509-check-private-key.html"><LINK REL="NEXT" TITLE="openssl_x509_export_to_file" HREF="function.openssl-x509-export-to-file.html"><META HTTP-EQUIV="Content-type" CONTENT="text/html; charset=ISO-8859-1"></HEAD ><BODY CLASS="refentry" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >PHP Manual</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="function.openssl-x509-check-private-key.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" ></TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="function.openssl-x509-export-to-file.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><H1 ><A NAME="function.openssl-x509-checkpurpose" ></A >openssl_x509_checkpurpose</H1 ><DIV CLASS="refnamediv" ><A NAME="AEN68760" ></A ><P > (PHP 4 >= 4.0.6)</P >openssl_x509_checkpurpose -- Verifies if a certificate can be used for a particular purpose</DIV ><DIV CLASS="refsect1" ><A NAME="AEN68763" ></A ><H2 >Description</H2 >bool <B CLASS="methodname" >openssl_x509_checkpurpose</B > ( mixed x509cert, int purpose, array cainfo [, string untrustedfile])<BR ></BR ><P > Returns <TT CLASS="constant" ><B >TRUE</B ></TT > if the certificate can be used for the intended purpose, <TT CLASS="constant" ><B >FALSE</B ></TT > if it cannot, or -1 on error. </P ><P > <B CLASS="function" >openssl_x509_checkpurpose()</B > examines the certificate specified by <TT CLASS="parameter" ><I >x509cert</I ></TT > to see if it can be used for the purpose specified by <TT CLASS="parameter" ><I >purpose</I ></TT >. </P ><P > <TT CLASS="parameter" ><I >cainfo</I ></TT > should be an array of trusted CA files/dirs as described in <A HREF="ref.openssl.html#openssl.cert.verification" >Certificate Verification</A >. </P ><P ><TT CLASS="parameter" ><I >untrustedfile</I ></TT >, if specified, is the name of a PEM encoded file holding certificates that can be used to help verify the certificate, although no trust in placed in the certificates that come from that file. </P ><P > <DIV CLASS="table" ><A NAME="AEN68793" ></A ><P ><B >Table 1. <B CLASS="function" >openssl_x509_checkpurpose()</B > purposes</B ></P ><TABLE BORDER="1" CLASS="CALSTABLE" ><THEAD ><TR ><TH ALIGN="LEFT" VALIGN="MIDDLE" >Constant</TH ><TH ALIGN="LEFT" VALIGN="MIDDLE" >Description</TH ></TR ></THEAD ><TBODY ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_SSL_CLIENT</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the certificate be used for the client side of an SSL connection?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_SSL_SERVER</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the certificate be used for the server side of an SSL connection?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_NS_SSL_SERVER</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the cert be used for Netscape SSL server?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_SMIME_SIGN</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the cert be used to sign S/MIME email?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_SMIME_ENCRYPT</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the cert be used to encrypt S/MIME email?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_CRL_SIGN</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the cert be used to sign a certificate revocation list (CRL)?</TD ></TR ><TR ><TD ALIGN="LEFT" VALIGN="MIDDLE" >X509_PURPOSE_ANY</TD ><TD ALIGN="LEFT" VALIGN="MIDDLE" >Can the cert be used for Any/All purposes?</TD ></TR ></TBODY ></TABLE ></DIV > These options are not bitfields - you may specify one only! </P ><DIV CLASS="note" ><BLOCKQUOTE CLASS="note" ><P ><B >Note: </B >This function was added in 4.0.6.</P ></BLOCKQUOTE ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="function.openssl-x509-check-private-key.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="function.openssl-x509-export-to-file.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >openssl_x509_check_private_key</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="ref.openssl.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >openssl_x509_export_to_file</TD ></TR ></TABLE ></DIV ></BODY ></HTML >