SoapFault exception [HTTP] Could not connect to host: With Local SSL Certificate

Question

I am trying to connect to a SOAP webservice with a local SSL file using PHP Soap client. As a local SSL certificate will not work correctly with PHP I already downloaded WSDL file and saved this locally.

Now As I am trying to connect to the webservices I get this error:

SoapFault exception: [HTTP] Could not connect to host in /var/www/index.php:38 Stack trace: #0 [internal function]: SoapClient->__doRequest('__call('GetTests', Array) #2 /var/www/index.php(38): SoapClient->GetTests() #3 {main}

I am working on a Debian Wheezy server. As I did some reading on Stackoverflow I found that you should enable openssl which I did install and is loaded according to the phpinfo();

When running the script I do:

soap.wsdl_cache_enabled = 0
soap.wsdl_cache_ttl = 0

In my /etc/hosts file I added the service just to be sure

I set my firewall to accept SOAP:

ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:1664
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:1664

And I tried several settings in the PHP file like using TLS or SSLv3 etc. None of the above helped.

Here is my script:

error_reporting(E_ALL ^ E_NOTICE);
ini_set('soap.wsdl_cache_enabled',0);
ini_set('soap.wsdl_cache_ttl',0);

$wsdl = "/var/www/php/soap.wsdl";
$url =  "https://www.soaptest.nl/api/soap";
$pem = "/var/www/php/my_interface.p12";

$client = new SoapClient(
    $wsdl,
    array(
        "location" => "https://www.soaptest.nl/api/soap",
        //"uri" => "http://www.soaptest.nl/api",
        "local_cert" => $pem,
        "passphrase" => "mypassforthepem",
        "soap_version" => SOAP_1_1,
        "trace" => true,
        "exceptions" => 0,
        "features" => SOAP_SINGLE_ELEMENT_ARRAYS
    )
);

print $client->GetTests();

So with all settings I did so far, nothing seems to work. I might forget something or do something which I should not, but I can't see it anymore.

Please help me out and let me know more. Thanks in advance.

Answer 1

The problem may be because the server where WS is installed does not have remote connections configured.

My scenario is as follows:

WebServices soap:   Programming in java and deployed in jboss

client: php

I had the same problem, in my case develop a WS in java and publish it on a jboss server 7.1.1. Finally, when to test with the SOAP UI connected without problem but wanting to consume, I marked the error:

SoapFault exception: [HTTP] Could not connect to host in ... Stack trace: # 0 [internal function]: SoapClient -> __ doRequest ( '__ call (' GetTests', Array) # 2 /var/www/index.php 38): SoapClient-> GetTests () # 3 {main}

The solution I gave you is that on the server where the Ws was deployed you configure it to allow the output of the ws.

In my case was to configure the standalone.xm of jboss

The standalone.xml line is located

<Subsystem xmlns = "urn: jboss: domain: webservices: 1.1">
            <Modify-wsdl-address> true </ modify-wsdl-address>
            <Wsdl-host> $ {jboss.bind.address: 127.0.0.1} </ wsdl-host>
            <Endpoint-config name = "Standard-Endpoint-Config" />
            <Endpoint-config name = "Recording-Endpoint-Config">
                <Pre-handler-chain name = "recording-handlers" protocol-bindings = "## SOAP11_HTTP ## SOAP11_HTTP_MTOM ## SOAP12_HTTP ## SOAP12_HTTP_MTOM">
                    <Handler name = "RecordingHandler" class = "org.jboss.ws.common.invocation.RecordingServerHandler" />
                </ Pre-handler-chain>
            </ Endpoint-config>
        </ Subsystem>

substituting
<! - remote ip of wsl $ {jboss.bind.address: 127.0.0.1} ->

ip
<Wsdl-host> 192.168.1.73 </ wsdl-host>

Restart the jboss and with that it is already allowed to connect from any client

Answer 2

I solved the problem by splitting the PEM file into two seperate key and crt files using openssl:

openssl pkcs12 -in certname.pem -nocerts -out key.pem -nodes
openssl pkcs12 -in certname.pem -nokeys -out bla.crt

Using this and setting these values in the code, it did work.