I started creating some code based upon this for sending push notifications from PHP.
我开始基于此创建一些代码,用于从PHP发送推送通知。
However now that I have understood there is a new API which utilizes HTTP/2 and provides feedback in the response, I am trying to figure out what I need to do to get that feedback.
然而,现在我已经了解了有一个新的API,它利用HTTP/2并在响应中提供反馈,我正试图弄清楚我需要做什么来获得反馈。
I haven't been able to find any tutorials or sample code to give me direction (I guess because it is so new).
我还没有找到任何教程或示例代码来给我指明方向(我想是因为它太新了)。
Is it possible to use the stream_socket_client() method of connecting to APNS with the new provider API? How do I get the feedback? All I get back from fwrite($fp, $msg, strlen($msg)) right now is a number. For all intents and purposes, you can consider my code the same as the code from the SO question I based my code on
是否可以使用stream_socket_client()方法将新的提供者API连接到APNS ?我如何得到反馈?我现在从fwrite($fp, $msg, $ strlen($msg))那里得到的只是一个数字。出于各种目的和目的,您可以将我的代码视为基于SO问题的代码
Thanks!
谢谢!
7 个解决方案
#1
30
With the new HTTP/2 APNS provider API, you can use curl to send push notifications.
使用新的HTTP/2 APNS提供程序API,您可以使用curl来发送推送通知。
EDIT
编辑
Before proceeding (as noted by @Madox), openssl >= 1.0.2e of should be installed (from package preferably). Verify with the command
在继续之前(如@Madox指出的),应该安装openssl >= 1.0.2e of(最好是从包安装)。验证与命令
openssl version
a) Your version of PHP should be >= 5.5.24 so that the constant CURL_HTTP_VERSION_2_0 is defined.
a)您的PHP版本应该是>= 5.5.24,以便定义常量CURL_HTTP_VERSION_2_0。
b) Make sure that you have curl version 7.46+ installed in your system with
b)确保在您的系统中安装了curl版本7.46+
curl --version
c) Curl should have http/2 support enabled. In the output when typing the previous command, you should see a line like this one:
c) Curl应该支持http/2。在输入前一个命令时,在输出中应该看到如下一行:
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets
if HTTP2 doesn't show up, you can follow this excellent tutorial to install http/2 for curl https://serversforhackers.com/video/curl-with-http2-support
如果HTTP2没有出现,您可以按照这个优秀的教程为curl https://serversforhackers.com/video/curl-with-http2-support安装http/2
Verify that curl detected openssl >= 1.0.2e, doing curl --version should output something like this:
验证curl检测到openssl >= 1.0.2e,执行curl—version应该输出如下内容:
curl 7.47.1 (x86_64-pc-linux-gnu) libcurl/7.47.1 OpenSSL/1.0.2f zlib/1.2.8 libidn/1.28 nghttp2/1.8.0-DEV librtmp/2.3
e) Once you everything installed, you can test it in the command line:
e)安装好后,可以在命令行中进行测试:
curl -d '{"aps":{"alert":"hi","sound":"default"}}' \
--cert <your-certificate.pem>:<certificate-password> \
-H "apns-topic: <your-app-bundle-id>" \
--http2 \
https://api.development.push.apple.com/3/device/<device-token>
f) Here is a sample code in PHP that I have successfully tried:
f)下面是我成功尝试过的PHP示例代码:
if(defined('CURL_HTTP_VERSION_2_0')){
$device_token = '...';
$pem_file = 'path to your pem file';
$pem_secret = 'your pem secret';
$apns_topic = 'your apns topic. Can be your app bundle ID';
$sample_alert = '{"aps":{"alert":"hi","sound":"default"}}';
$url = "https://api.development.push.apple.com/3/device/$device_token";
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $sample_alert);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("apns-topic: $apns_topic"));
curl_setopt($ch, CURLOPT_SSLCERT, $pem_file);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $pem_secret);
$response = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
//On successful response you should get true in the response and a status code of 200
//A list of responses and status codes is available at
//https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/TheNotificationPayload.html#//apple_ref/doc/uid/TP40008194-CH107-SW1
var_dump($response);
var_dump($httpcode);
}
#2
4
I want to add some information to tiempor3al answer.
我想为tiempor3al的回答增加一些信息。
1) curl must be compiled with openssl version >=1.0.2 to fully support http/2. I receive "?@@?HTTP/2 client preface string missing or corrupt..." error when I compiled it with CentOS stock openssl-1.0.1e.
1) curl必须使用openssl版本>=1.0.2进行编译,才能完全支持http/2。我收到“@@ ?当我用CentOS的openssl-1.0.1e编译它时,会出现错误。
2) if your version of php module mod_curl.so compiled without CURL_HTTP_VERSION_2_0 constant, you could replace it with integer number 3:
2)如果您的php模块mod_curl版本。因此,在没有CURL_HTTP_VERSION_2_0常量的情况下进行编译,您可以将其替换为整数3:
curl_setopt($ch, CURLOPT_HTTP_VERSION, 3);
curl_setopt(ch美元CURLOPT_HTTP_VERSION 3);
#3
4
I could successfully send push via HTTP2 using php CURL and read the feedback directly in the response body (here I wrote a short tutorial on how to do this: Sending Push Notification with HTTP2 (and PHP)). I think that you can check the response body reading from the socket (I don't remember exactly the php function, perhaps "fgets").
我可以使用php CURL通过HTTP2成功地发送push,并在响应体中直接读取反馈(这里我写了一篇关于如何做到这一点的简短教程:使用HTTP2(和php)发送push通知)。我认为您可以检查从socket读取的响应主体(我不记得php函数,可能是“fgets”)。
#4
4
I'm using CentOS 6 and the way to solve was to install from source cURL and OpenSSL.
我正在使用CentOS 6,解决方法是从源代码cURL和OpenSSL中安装。
It may look very simple but it took me 3 days to figure out the right configuration for the packages so I think I can help someone by posting what I did here.
它看起来很简单,但是我花了3天时间才找到正确的软件包配置,所以我认为我可以通过发布我在这里所做的事情来帮助别人。
It proved a little tricky for me since I'm not used to install packages from source, but I now can connect to APNs using HTTPS over HTTP/2.
这对我来说有点棘手,因为我不习惯从源代码安装包,但是我现在可以通过HTTP/2连接到APNs。
The details of what I did is here:
我所做的细节如下:
-
Download and uncompress cURL and OpenSSL:
下载并解压cURL和OpenSSL:
wget https://curl.haxx.se/download/curl-7.47.1.tar.gz wget https://www.openssl.org/source/openssl-1.0.2h.tar.gz -
Configure OpenSSL with the following flags (I'm not sure what they do, but is what worked for me):
用下面的标志配置OpenSSL(我不确定他们做了什么,但对我来说是有用的):
export CXXFLAGS="$CXXFLAGS -fPIC" ./config zlib enable-ssl3 enable-shared -
make and install OpenSSL
制造和安装OpenSSL
-
Configure cURL with the following flag:
使用以下标志配置cURL:
./configure --with-ssl=/usr/local/ssl/ -
Make and install cURL
制造和安装旋度
-
set LD_LIBRARY_PATH to /usr/local/ssl/lib/
LD_LIBRARY_PATH设置为/usr/local/ssl/lib/
export LD_LIBRARY_PATH=/usr/local/ssl/lib/ -
Test
测试
/usr/local/bin/curl -v -d '{"aps":{"alert":"hi","sound":"default"}}' --cert cert.crt --key cert.key -H "apns-topic: topics" --http2 https://api.development.push.apple.com:443/3/device/00fc13adff785122b4ad28809a3420982341241421348097878e577c991de8f0
The result:
结果:
* Trying 17.172.238.203...
* Connected to api.development.push.apple.com (17.172.238.203) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.development.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
* start date: Jun 19 01:49:43 2015 GMT
* expire date: Jul 18 01:49:43 2017 GMT
* subjectAltName: host "api.development.push.apple.com" matched cert's "api.development.push.apple.com"
* issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* TCP_NODELAY set
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x1091110)
> POST /3/device/00fc13adff785122b4ad28809a3420982341241421348097878e577c991de8f0 HTTP/1.1
> Host: api.development.push.apple.com
> User-Agent: curl/7.48.0
> Accept: */*
> apns-topic: topics
> Content-Length: 40
> Content-Type: application/x-www-form-urlencoded
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* We are completely uploaded and fine
< HTTP/2.0 400
<
* Connection #0 to host api.development.push.apple.com left intact
{"reason":"BadDeviceToken"}
As you can see, I got rid of the ugly
正如你所看到的,我摆脱了丑陋。
▒@@▒HTTP/2 client preface string missing or corrupt. Hex dump for received bytes: 504f5354202f332f6465766963652f746573742048545450
#5
1
Follow this guide [http://cloudfields.net/blog/ios-push-notifications-encryption/][1] to generate and merge your certificate and private key. Once you merge and your sslcert and pkey as described in the guide with same file names, just try the curl command below.
请遵循本指南[http://cloudfields.net/blog/iospush - notification/][1]生成和合并证书和私钥。一旦您合并了您的sslcert和pkey,如指南中描述的一样,具有相同的文件名,请尝试下面的curl命令。
curl -X POST -H 'apns-topic: com.mycompany.ios.BadassApp' -d '{"aps":{"content-available":1,"alert":"hi","sound":"default"}}' --cert apns_cert.pem:yourCertPassword --http2 'https://api.development.push.apple.com:443/3/device/b8de1sf067effefc398d792205146fc67dn0e96b0ff21ds81cabe384bbe71353'
#6
1
To resolve HTTP/2 client preface string missing or corrupt errors in PHP 5.6 I created an Apache and CLI PHP Docker image that you might want to rely on or just look up what I did in the Dockerfile to build your own. Same can probably apply to PHP 7.0 although I haven't tried.
为了解决PHP 5.6中出现的HTTP/2客户端前言字符串丢失或损坏的问题,我创建了一个Apache和CLI PHP Docker映像,您可能希望依赖该映像,或者只是查找我在Dockerfile中所做的构建您自己的映像。同样的道理也适用于PHP 7.0,尽管我还没有尝试过。
#7
-1
yes, it's possible:
是的,这是可能的:
$errno=0;$errstr="";
$sock = stream_socket_client(
"api.push.apple.com:443",
$errno,
$errstr,
4,
STREAM_CLIENT_CONNECT,
stream_context_create(["ssl" => ["local_cert" => "/path/to/cert.pem","verify_peer"=>false,"verify_peer_name"=>false]])
);
stream_socket_enable_crypto($sock, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);
#1
30
With the new HTTP/2 APNS provider API, you can use curl to send push notifications.
使用新的HTTP/2 APNS提供程序API,您可以使用curl来发送推送通知。
EDIT
编辑
Before proceeding (as noted by @Madox), openssl >= 1.0.2e of should be installed (from package preferably). Verify with the command
在继续之前(如@Madox指出的),应该安装openssl >= 1.0.2e of(最好是从包安装)。验证与命令
openssl version
a) Your version of PHP should be >= 5.5.24 so that the constant CURL_HTTP_VERSION_2_0 is defined.
a)您的PHP版本应该是>= 5.5.24,以便定义常量CURL_HTTP_VERSION_2_0。
b) Make sure that you have curl version 7.46+ installed in your system with
b)确保在您的系统中安装了curl版本7.46+
curl --version
c) Curl should have http/2 support enabled. In the output when typing the previous command, you should see a line like this one:
c) Curl应该支持http/2。在输入前一个命令时,在输出中应该看到如下一行:
Features: IDN IPv6 Largefile NTLM NTLM_WB SSL libz TLS-SRP HTTP2 UnixSockets
if HTTP2 doesn't show up, you can follow this excellent tutorial to install http/2 for curl https://serversforhackers.com/video/curl-with-http2-support
如果HTTP2没有出现,您可以按照这个优秀的教程为curl https://serversforhackers.com/video/curl-with-http2-support安装http/2
Verify that curl detected openssl >= 1.0.2e, doing curl --version should output something like this:
验证curl检测到openssl >= 1.0.2e,执行curl—version应该输出如下内容:
curl 7.47.1 (x86_64-pc-linux-gnu) libcurl/7.47.1 OpenSSL/1.0.2f zlib/1.2.8 libidn/1.28 nghttp2/1.8.0-DEV librtmp/2.3
e) Once you everything installed, you can test it in the command line:
e)安装好后,可以在命令行中进行测试:
curl -d '{"aps":{"alert":"hi","sound":"default"}}' \
--cert <your-certificate.pem>:<certificate-password> \
-H "apns-topic: <your-app-bundle-id>" \
--http2 \
https://api.development.push.apple.com/3/device/<device-token>
f) Here is a sample code in PHP that I have successfully tried:
f)下面是我成功尝试过的PHP示例代码:
if(defined('CURL_HTTP_VERSION_2_0')){
$device_token = '...';
$pem_file = 'path to your pem file';
$pem_secret = 'your pem secret';
$apns_topic = 'your apns topic. Can be your app bundle ID';
$sample_alert = '{"aps":{"alert":"hi","sound":"default"}}';
$url = "https://api.development.push.apple.com/3/device/$device_token";
$ch = curl_init($url);
curl_setopt($ch, CURLOPT_POSTFIELDS, $sample_alert);
curl_setopt($ch, CURLOPT_HTTP_VERSION, CURL_HTTP_VERSION_2_0);
curl_setopt($ch, CURLOPT_HTTPHEADER, array("apns-topic: $apns_topic"));
curl_setopt($ch, CURLOPT_SSLCERT, $pem_file);
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, $pem_secret);
$response = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
//On successful response you should get true in the response and a status code of 200
//A list of responses and status codes is available at
//https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/TheNotificationPayload.html#//apple_ref/doc/uid/TP40008194-CH107-SW1
var_dump($response);
var_dump($httpcode);
}
#2
4
I want to add some information to tiempor3al answer.
我想为tiempor3al的回答增加一些信息。
1) curl must be compiled with openssl version >=1.0.2 to fully support http/2. I receive "?@@?HTTP/2 client preface string missing or corrupt..." error when I compiled it with CentOS stock openssl-1.0.1e.
1) curl必须使用openssl版本>=1.0.2进行编译,才能完全支持http/2。我收到“@@ ?当我用CentOS的openssl-1.0.1e编译它时,会出现错误。
2) if your version of php module mod_curl.so compiled without CURL_HTTP_VERSION_2_0 constant, you could replace it with integer number 3:
2)如果您的php模块mod_curl版本。因此,在没有CURL_HTTP_VERSION_2_0常量的情况下进行编译,您可以将其替换为整数3:
curl_setopt($ch, CURLOPT_HTTP_VERSION, 3);
curl_setopt(ch美元CURLOPT_HTTP_VERSION 3);
#3
4
I could successfully send push via HTTP2 using php CURL and read the feedback directly in the response body (here I wrote a short tutorial on how to do this: Sending Push Notification with HTTP2 (and PHP)). I think that you can check the response body reading from the socket (I don't remember exactly the php function, perhaps "fgets").
我可以使用php CURL通过HTTP2成功地发送push,并在响应体中直接读取反馈(这里我写了一篇关于如何做到这一点的简短教程:使用HTTP2(和php)发送push通知)。我认为您可以检查从socket读取的响应主体(我不记得php函数,可能是“fgets”)。
#4
4
I'm using CentOS 6 and the way to solve was to install from source cURL and OpenSSL.
我正在使用CentOS 6,解决方法是从源代码cURL和OpenSSL中安装。
It may look very simple but it took me 3 days to figure out the right configuration for the packages so I think I can help someone by posting what I did here.
它看起来很简单,但是我花了3天时间才找到正确的软件包配置,所以我认为我可以通过发布我在这里所做的事情来帮助别人。
It proved a little tricky for me since I'm not used to install packages from source, but I now can connect to APNs using HTTPS over HTTP/2.
这对我来说有点棘手,因为我不习惯从源代码安装包,但是我现在可以通过HTTP/2连接到APNs。
The details of what I did is here:
我所做的细节如下:
-
Download and uncompress cURL and OpenSSL:
下载并解压cURL和OpenSSL:
wget https://curl.haxx.se/download/curl-7.47.1.tar.gz wget https://www.openssl.org/source/openssl-1.0.2h.tar.gz -
Configure OpenSSL with the following flags (I'm not sure what they do, but is what worked for me):
用下面的标志配置OpenSSL(我不确定他们做了什么,但对我来说是有用的):
export CXXFLAGS="$CXXFLAGS -fPIC" ./config zlib enable-ssl3 enable-shared -
make and install OpenSSL
制造和安装OpenSSL
-
Configure cURL with the following flag:
使用以下标志配置cURL:
./configure --with-ssl=/usr/local/ssl/ -
Make and install cURL
制造和安装旋度
-
set LD_LIBRARY_PATH to /usr/local/ssl/lib/
LD_LIBRARY_PATH设置为/usr/local/ssl/lib/
export LD_LIBRARY_PATH=/usr/local/ssl/lib/ -
Test
测试
/usr/local/bin/curl -v -d '{"aps":{"alert":"hi","sound":"default"}}' --cert cert.crt --key cert.key -H "apns-topic: topics" --http2 https://api.development.push.apple.com:443/3/device/00fc13adff785122b4ad28809a3420982341241421348097878e577c991de8f0
The result:
结果:
* Trying 17.172.238.203...
* Connected to api.development.push.apple.com (17.172.238.203) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Request CERT (13):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS handshake, CERT verify (15):
* TLSv1.2 (OUT), TLS change cipher, Client hello (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=api.development.push.apple.com; OU=management:idms.group.533599; O=Apple Inc.; ST=California; C=US
* start date: Jun 19 01:49:43 2015 GMT
* expire date: Jul 18 01:49:43 2017 GMT
* subjectAltName: host "api.development.push.apple.com" matched cert's "api.development.push.apple.com"
* issuer: CN=Apple IST CA 2 - G1; OU=Certification Authority; O=Apple Inc.; C=US
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* TCP_NODELAY set
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x1091110)
> POST /3/device/00fc13adff785122b4ad28809a3420982341241421348097878e577c991de8f0 HTTP/1.1
> Host: api.development.push.apple.com
> User-Agent: curl/7.48.0
> Accept: */*
> apns-topic: topics
> Content-Length: 40
> Content-Type: application/x-www-form-urlencoded
>
* Connection state changed (MAX_CONCURRENT_STREAMS updated)!
* We are completely uploaded and fine
< HTTP/2.0 400
<
* Connection #0 to host api.development.push.apple.com left intact
{"reason":"BadDeviceToken"}
As you can see, I got rid of the ugly
正如你所看到的,我摆脱了丑陋。
▒@@▒HTTP/2 client preface string missing or corrupt. Hex dump for received bytes: 504f5354202f332f6465766963652f746573742048545450
#5
1
Follow this guide [http://cloudfields.net/blog/ios-push-notifications-encryption/][1] to generate and merge your certificate and private key. Once you merge and your sslcert and pkey as described in the guide with same file names, just try the curl command below.
请遵循本指南[http://cloudfields.net/blog/iospush - notification/][1]生成和合并证书和私钥。一旦您合并了您的sslcert和pkey,如指南中描述的一样,具有相同的文件名,请尝试下面的curl命令。
curl -X POST -H 'apns-topic: com.mycompany.ios.BadassApp' -d '{"aps":{"content-available":1,"alert":"hi","sound":"default"}}' --cert apns_cert.pem:yourCertPassword --http2 'https://api.development.push.apple.com:443/3/device/b8de1sf067effefc398d792205146fc67dn0e96b0ff21ds81cabe384bbe71353'
#6
1
To resolve HTTP/2 client preface string missing or corrupt errors in PHP 5.6 I created an Apache and CLI PHP Docker image that you might want to rely on or just look up what I did in the Dockerfile to build your own. Same can probably apply to PHP 7.0 although I haven't tried.
为了解决PHP 5.6中出现的HTTP/2客户端前言字符串丢失或损坏的问题,我创建了一个Apache和CLI PHP Docker映像,您可能希望依赖该映像,或者只是查找我在Dockerfile中所做的构建您自己的映像。同样的道理也适用于PHP 7.0,尽管我还没有尝试过。
#7
-1
yes, it's possible:
是的,这是可能的:
$errno=0;$errstr="";
$sock = stream_socket_client(
"api.push.apple.com:443",
$errno,
$errstr,
4,
STREAM_CLIENT_CONNECT,
stream_context_create(["ssl" => ["local_cert" => "/path/to/cert.pem","verify_peer"=>false,"verify_peer_name"=>false]])
);
stream_socket_enable_crypto($sock, true, STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT);