Darghon Posted April 17, 2017 Share Posted April 17, 2017 Hi all, I've been struggling for months with a connection to a DataPower webservice using PHP. In SoapUI I've managed to get a response (an error message, but a response non the less) but in php, Soap always returns a NULL value. The service in question requires me to use a client certificate. Creating a p12 keystore with my private key (used to request the certificate) and the complete certificate chain provided by the service host, I'm able to get a connection using SoapUI (by using ssl for each request with the formentioned p12 file) Now, I want to accomplisch the same thing in php, so, I did the following: - I installed the root and CA2 certificate from the service provider on my php server - I construct a soap_client using the received wsdl file (same one as I use in SoapUi) and add the below listed options to the constructor $options = [ 'trace' => 1, 'exceptions' => 1, 'local_cert' => $this->_getCertificateLocation('P12_KEYFILE'), 'passphrase' => $keyfile_passphrase ]; The _getCertificateLocation returns the absolute path of the cert file, which is correct and accessable. Alternatively I've also tried to convert the P12 file to a PEM file using the below command, but results in thee same effect. openssl pkcs12 -in discimus_keystore.p12 -out discimus.pem -clcerts Anything I need to add/reconsider? or any advice on this matter? Thanks for any help. Darghon Quote Link to comment Share on other sites More sharing options...
Darghon Posted April 29, 2017 Author Share Posted April 29, 2017 The above is still an issue, anyone? Quote Link to comment Share on other sites More sharing options...
Solution Darghon Posted May 5, 2017 Author Solution Share Posted May 5, 2017 Well, since no one was able to help me, and I've eventually managed to fix this, I'll add my solution (and problems) in this post. So, I needed to connect to a Soap Service using WSSE. Not with a user/pass auth in it, but with a client certificate, a binary security token and such wonderful things. First, I needed to make a p12 certificate file, using my client certificate (with the cert chain) and my private key (used to request the client certificate). Next, I needed to convert the p12 file to a BASE64 encoded pem file. Finally, in the soap_client constructor, you need to add "local_cert" and "passphrase" in the options part with the full path of the pem file, and your used password (if any). Next, and this one was my biggest issue, make sure your server can resolve the host address of the webservice. Ping it first, and if needed, add it to your host file *facepalm* Finally, construct your soap envelop (I've used a public PHP WSSE library for mine), and execute the request. Feel free to ask more details if need be. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.