Reputation: 11188
PHP SOAP client with certificates over SSL
I'm trying to set up a Soap client with the following code:
<?php
$wsdl = 'https://domain.com/?wsdl';
$endpoint = 'https://domain.com';
$certificate = dirname(__FILE__) . '/CertWithKey.pem';
$password = 'pwd';
$options = array(
'location' => $endpoint,
'keep_alive' => true,
'trace' => true,
'local_cert' => $certificate,
'passphrase' => $password,
'cache_wsdl' => WSDL_CACHE_NONE
);
try {
$soapClient = new SoapClient($wsdl, $options);
} catch(Exception $e) {
var_dump($e);
}
I was given a .p12 key-file with a .crt certification file. Using openssl I've converted the .p12-file to a .pem-file and then merged it with the .crt-file. The CertWithKey.pem looks good to me, two certificate-blocks are in the file.
No matter what I try to do, I keep getting an exception with the message SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://domain.com/?wsdl' : failed to load external entity "https://domain.com/?wsdl".
After phoning with the remote party they acknowlegde that a request is coming in but they're logging this error: ssl handshake interrupted by system [hint: stop button pressed in browser?!].
Since I didn't find any useful information on the net so far I figured to ask you guys for some insight on the matter.
Any suggestions what can be tried? I'm running PHP 5.3.8 and the server's IP-address is white listed in the firewall at the remote party.
Upvotes: 8
Views: 30899
Answers (4)
Reputation: 3
You have to also enable the php_openssl extension.
This in combination with this answer resolved my problem on PHP 8.2.
Upvotes: 0
Reputation: 1931
$mode = array(
'soap_version' => 'SOAP_SSL_METHOD_SSLv2', // use soap 1.2 client
'trace' => 1,
'stream_context' => stream_context_create(
array(
'ssl' => array(
'crypto_method' => STREAM_CRYPTO_METHOD_TLSv1_2_CLIENT,
'verify_peer' => false, // don't care about which company
'verify_peer_name' => false // or company name
)
)
)
);
$client = new SoapClient($x, $mode);
Upvotes: 1
Reputation: 11188
I've fixed this problem. I think, due to the number of questions regarding this issue and number of different solutions, others will benefit from the solution. Here goes:
I used the openssl CLI program to convert the .p12 key-file to a .pem key-file. The trick is the way the conversion takes place.
First I converted it with this command and I had the issue as described in the question:
openssl pkcs12 -in key.p12 -out key.pem -nodes -clcerts
While the command below did the actual trick:
openssl pkcs12 -in key.p12 -out key.pem -clcerts
For more info please see the source I used: https://community.qualys.com/docs/DOC-3273
Upvotes: 13
Reputation: 79
Same suggestions:
I use SoapClient to connect with SSL services, and all works fine without specify "endpoint" URL. Then I recommend you try without this option;
The php SoapClient has a option named "ssl_method" where you can change some variation of this protocol. Try change/specify this param if you know what protocol is used;
Specify "verifypeer => false" and "verifyhost => false" on params list;
Upvotes: -2
Related Questions
- PHP Soap Client Attempting to use a WSDL service but the service is saying HTTPS Required
- Creating a PHP SOAP request with a certificate
- PHP SoapClient Doesn't Retrieve WSDL with Client Certificate
- PHP SOAP with wsdl and 2-way SSL
- How do I get the PHP SOAP client to communicate with a service running over SSL with an invalid certificate
- PHP SoapClient unable to work with https WS
- SOAP Client over HTTPS with SSL certificates on both sides
- PHP SOAP cannot connect to an SSL WSDL source
- PHP SOAP with HTTPS webservice and .PEM client certificate
- how to send SOAP request with SSL certificate in PHP?