Skip to content

Commit

Permalink
Fix check:cert subject alternative name matching
Browse files Browse the repository at this point in the history
  • Loading branch information
@flavioheleno
flavioheleno committed Feb 15, 2024
1 parent 8777fd4 commit c59fc30
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/Console/Commands/Check/CheckCertificateCommand.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ final class CheckCertificateCommand extends Command {
* @param string[] $haystack
*/
private function subjectMatch(string $needle, array $haystack): bool {
$needleParts = explode('.', $needle);
array_shift($needleParts); // remove the host from $needle
// remove the host from $needle
$needleParts = array_slice(explode('.', $needle), 1);
foreach ($haystack as $candidate) {
if ($needle === $candidate) {
return true;
Expand Down Expand Up @@ -199,7 +199,7 @@ protected function execute(InputInterface $input, OutputInterface $output): int
);

if (
$domain !== $cert0->subjectCommonName ||
$domain !== $cert0->subjectCommonName &&
$this->subjectMatch($domain, $cert0->subjectAlternativeNames) === false
) {
$errors[] = sprintf(
Expand Down

0 comments on commit c59fc30

Please sign in to comment.