protected function buildBundle($rawCertData)
{
$rawCertData = explode("\n", $rawCertData);
$caBundle = <<<EOT
##
## Bundle of CA Root Certificates
##
## Generated with Sslurp (https://github.com/EvanDotPro/Sslurp)
##
## This is a bundle of X.509 certificates of public Certificate Authorities.
## These were automatically extracted from Mozilla's root certificates
## file (certdata.txt). This file can be found in the Mozilla source tree:
## /mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt
##
## http://www.mozilla.org/projects/security/certs/policy/
## http://www.mozilla.org/projects/security/pki/nss/
##
## This file contains the certificates in PEM format and therefore
## can be directly used with curl / libcurl / php_curl, or with
## an Apache+mod_ssl webserver for SSL client authentication.
## Just configure this file as the SSLCACertificateFile.
##
EOT;
$caName = '';
while (($line = array_shift($rawCertData)) !== null) {
if (preg_match('/^#|^\\s*$/', $line)) {
continue;
}
$line = rtrim($line);
if (preg_match('/^CVS_ID\\s+\\"(.*)\\"/', $line, $match)) {
$caBundle .= "# {$match[1]}\n";
}
if (preg_match('/^CKA_LABEL\\s+[A-Z0-9]+\\s+\\"(.*)\\"/', $line, $match)) {
$caName = $match[1];
}
if (preg_match('/^CKA_VALUE MULTILINE_OCTAL/', $line)) {
$data = '';
while ($line = array_shift($rawCertData)) {
if (preg_match('/^END/', $line)) {
break;
}
$line = rtrim($line);
$octets = explode('\\', $line);
array_shift($octets);
foreach ($octets as $oct) {
$data .= chr(octdec($oct));
}
}
$caBundle .= $this->buildPemString($caName, $data);
}
}
return $caBundle;
}