I have a php script that goes to a rss feed url and pulls down the xml, processes it and then loads the data I need into a database. The script has been working flawlessly, until the site owners secured it using smartcard authentication(Military CAC).
I've been trying to figure out a way to take my x.509 cert from my smartcard and present it via php or any other scripting language to the webserver hosting the rss. I can't see to figure this out.
Concept of operations: 1. Request rss url 2. rss url requests authentication 3. present cert + pin(I'll store the pin securely for the script to use, I know how to do this) 4. rss url authenticates my cert and posts the data.
Thanks! -Dan
In PHP would this work (using phpseclib, a pure-PHP X.509 implementation)?:
<?php
include('File/X509.php');
$x509 = new File_X509();
$cert = $x509->loadX509('...');
echo $x509->validateSignature() ? 'valid' : 'invalid';
?>
Other things you could validate against are listed below:
http://phpseclib.sourceforge.net/x509/examples.html#validate