Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
682 views
in Technique[技术] by (71.8m points)

soap - Does PHP SoapClient support HTTPS connections

I'm using XAMPP on Windows and try to work with PHP soap extension SoapClient. I'm trying to load a WSDL file hosted in HTTPS site using the following code

<?php
    $myClient=new SoapClient("https://smi.sp.f-secure.com/smi/5.1/services/EchoService?wsdl");
?>

I get the following error:

Fatal error: Uncaught SoapFault exception: [WSDL] SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://smi.sp.f-secure.com/smi/5.1/services/EchoService?wsdl' : failed to load external entity "https://smi.sp.f-secure.com/smi/5.1/services/EchoService?wsdl" in C:xampphtdocsdevw3schoolssoapClientindex.php:2 Stack trace:
#0 C:xampphtdocsdevw3schoolssoapClientindex.php(2): SoapClient->SoapClient('https://smi.sp....')
#1 {main} thrown in C:xampphtdocsdevw3schoolssoapClientindex.php on line 2

Now I took a network capture during the request and saw that HTTPS communication does not work OK on SSL Level. Wireshark shows a packet on Server Key Exchange my workstation responds with:

TLSv1 Record Layer: Alert (Level: Fatal, Description: Certificate Unknown)

Wireshark Screenshot

Using nuSOAP client or soapUI utility from the same computer, I'm able to connect to the service normally. So no certificate problems I guess.

So definately it's something with SOAP extension and SSL communication. Can anyone help? Give hints what to look for?

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

To workaround this error you could deactivate the SSL certificate validation. But keep in mind, that this should only be done for test cases, because this makes your connection insecure!

You can pass a stream context when instantiating the SoapClient like this:

<?php
$myClient = new SoapClient("https://smi.sp.f-secure.com/smi/5.1/services/EchoService?wsdl", [
    'stream_context' => stream_context_create([
        'ssl' => [
            'verify_peer' => false,
            'verify_peer_name' => false,
        ],
    ]),
]);

If you have a valid certificate but it is selfsigned, there is another solution (more secure):

<?php
$myClient = new SoapClient("https://smi.sp.f-secure.com/smi/5.1/services/EchoService?wsdl", [
    'stream_context' => stream_context_create([
        'ssl' => [
            'allow_self_signed' => true,
        ],
    ]),
]);

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...