Databases
StackOverflow2013
Postsdbo
POTrouble connecting to SSL-encrypted web service with PHP
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POTrouble connecting to SSL-encrypted web service with PHP
    text
    copied!<p>I got two certificate files from the provider, one in a .cer-format and one in a .p7b-format. I then converted the p7b-certificate to a p12-certificate. With this certificate I'm able to connect to the wsdl from my browser. Then I proceeded to convert that certificate to .pem-format, using some instructions I found on this site.</p> <pre><code>openssl pkcs12 -clcerts -nokeys -out test.pem -in mycert.p12 openssl pkcs12 -nocerts -out key.pem -in mycert.p12 </code></pre> <p>then combing the cert with the key using the following command:</p> <pre><code>cat test.pem key.pem &gt; cert.pem </code></pre> <p>Heres my construct for the web service class:</p> <pre><code>public function __construct() { $wsdl_url = 'https://url.to/web_service?wsdl'; $pass = 'passphrase'; $cert = 'cert.pem'; try { $this-&gt;client = new SoapClient($wsdl_url, array('local_cert' =&gt; $cert, 'passphrase' =&gt; $pass)); } catch(SoapFault $e) { print_r($e); } } </code></pre> <p>And here is the error:</p> <pre><code>SSL operation failed with code 1. OpenSSL Error messages: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca in /var/www/html/.. </code></pre> <p>Trying to verify the certificate using:</p> <pre><code>openssl verify cert.pem </code></pre> <p>gives me the following error:</p> <pre><code>error 20 at 0 depth lookup:unable to get local issuer certificate </code></pre> <p>I've also tried creating the .pem-certificate using the following openssl command:</p> <pre><code>openssl pkcs12 -in mycert.p12 -out mycert.pem </code></pre> <p>Verifying this gives me OK, but PHP gives me the following error:</p> <pre><code>Unable to set local cert chain file `mycert.pem'; Check that your cafile/capath settings include details of your certificate and its issuer </code></pre> <p>I'm assuming it should be possible to make it work somehow, as I am able to access the wsdl through my browser, by using the .p12-certificate. But I'm not able to locate a solution as to how I should proceed. Thanks in advance.</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload