In case you want to retrieve your peers certificate or certificate chain,

you can use the related context options:

$secureConnector = new React\Socket\SecureConnector($dnsConnector, $loop, array(

'capture_peer_cert' => true,

'capture_peer_cert_chain' => true,

));

To show the peer certificate for every new connection this can be done as

follows:

$secureConnector->connect('www.google.com:443')->then(function (React\Socket\ConnectionInterface $connection) {

assert($connection instanceof React\Socket\Connection);

if ($connection->hasTlsPeer()) {

$peer = $connection->getTlsPeer();

if ($peer && $peer->hasPeerCertificate()) {

$peerCert = $peer->getPeerCertificate();

openssl_x509_export($peerCert, $cert);

echo $cert;

}

}

});

/** @var TlsPeer|null */

private $tlsPeer;

/**

public function setTlsPeer(TlsPeer $peer = null)

{

$this->tlsPeer = $peer;

}

/**

public function hasTlsPeer()

{

return $this->tlsPeer !== null;

}

/**

public function getTlsPeer()

{

return $this->tlsPeer;

}

return $promise = $encryption->enable($connection)->then(function () use ($connection) {

$connection->setTlsPeer(

TlsPeer::fromContextOptions(\stream_context_get_options($connection->stream))

);

return $connection;

}, function ($error) use ($connection, $uri) {

namespace React\Socket;

use InvalidArgumentException;

class TlsPeer

{

/** @var resource of type OpenSSL X.509 */

private $peerCertificate;

/** @var resource[] of type OpenSSL X.509 */

private $peerCertificateChain;

public function __construct($peerCertificate = null, array $peerCertificateChain = null)

{

if ($peerCertificate !== null) {

static::assertX509Resource($peerCertificate);

$this->peerCertificate = $peerCertificate;

}

if ($peerCertificateChain !== null) {

foreach ($peerCertificateChain as $resource) {

static::assertX509Resource($resource);

}

$this->peerCertificateChain = $peerCertificateChain;

}

}

public static function fromContextOptions($options)

{

if (isset($options['ssl']['peer_certificate'])) {

$peerCertificate = $options['ssl']['peer_certificate'];

} else {

$peerCertificate = null;

}

if (isset($options['ssl']['peer_certificate_chain'])) {

$peerCertificateChain = $options['ssl']['peer_certificate_chain'];

} else {

$peerCertificateChain = null;

}

return new static($peerCertificate, $peerCertificateChain);

}

protected static function assertX509Resource($resource)

{

if (! \is_resource($resource)) {

throw new \InvalidArgumentException(\sprintf(

'Resource expected, got "%s"',

\gettype($resource)

));

}

if (\get_resource_type($resource) !== 'OpenSSL X.509') {

throw new \InvalidArgumentException(\sprintf(

'Resource of type "OpenSSL X.509" expected, got "%s"',

\get_resource_type($resource)

));

}

}

/**

public function hasPeerCertificate()

{

return $this->peerCertificate !== null;

}

/**

public function getPeerCertificate()

{

return $this->peerCertificate;

}

/**

public function hasPeerCertificateChain()

{

return $this->peerCertificateChain !== null;

}

/**

public function getPeerCertificateChain()

{

return $this->peerCertificateChain;

}

protected function free()

{

if ($this->peerCertificate) {

\openssl_x509_free($this->peerCertificate);

$this->peerCertificate = null;

}

if (\is_array($this->peerCertificateChain)) {

foreach ($this->peerCertificateChain as $cert) {

\openssl_x509_free($cert);

}

$this->peerCertificateChain = null;

}

}

public function __destruct()

{

$this->free();

}

}