Perform soap request via https with self-signed certificate by cURL
Question
I'm trying to perform soap request to web-service written on C# via https. Server uses self-signed certificate.
After many failed attempts with usage of SoapClient I decided to use pure cURL to perfrom request.
My code:
<?php
header('Content-Type: text/plain; charset=utf-8');
$url = 'https://ip:8443/ServiceName';
$admin = 'login';
$password = 'haShedPassw0rdHere';
$post =
'<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
// Soap service params xml
</soap:Body>
</soap:Envelope>';
$headers = array(
'Content-type: text/xml;charset="utf-8"',
'Accept: text/xml',
'Cache-Control: no-cache',
'Pragma: no-cache',
'SOAPAction: https://ip:8443/ServiceName',
'Content-length: ' . strlen($post),
);
$curl = curl_init();
$options = array(
CURLOPT_URL => $url,
CURLOPT_HTTPHEADER => $headers,
CURLOPT_HTTPAUTH => CURLAUTH_ANY,
CURLOPT_USERPWD => $admin . ':' . $password,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => $post,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HEADER => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_ENCODING => '',
CURLOPT_AUTOREFERER => true,
CURLOPT_CONNECTTIMEOUT => 120,
CURLOPT_TIMEOUT => 120,
CURLOPT_MAXREDIRS => 10
);
curl_setopt_array($curl, $options);
var_dump($response = curl_exec($curl));
?>
Response:
string(370) "
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Body>
<s:Fault>
<faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
a:InvalidSecurity
</faultcode>
<faultstring xml:lang="ru-RU">
Ошибка при проверке безопасности сообщения.
</faultstring>
</s:Fault>
</s:Body>
</s:Envelope>"
Where:
Ошибка при проверке безопасности сообщения.
Means something like:
Communication security check error.
What have I tried:
- POST request with a self-signed certificate
- How to consume a WCF Web Service that uses custom username validation with a PHP page?
- Php SoapClient stream_context option
- SOAP authentication with PHP
- How can I send SOAP XML via Curl and PHP?
And more of them.
Question: What am I doing wrong?
Regards.
PS: Tested with PHP 5.3 , PHP 5.4.14 , PHP 5.5.1 . Results are same.
UPDv1:
C# Source, provided by service support team:
private void Button_SetData_Click(object sender, EventArgs e)
{
eLeed.WebServiceClient client =
new eLeed.WebServiceClient();
client.ClientCredentials.UserName.UserName = "login";
client.ClientCredentials.UserName.Password = "haShedPassw0rdHere";
Stream input = null;
input = GetQuery("ServiceMethod", TextBox_Command.Text);
XmlDocument response = new XmlDocument();
response.PreserveWhitespace = true;
response.Load(client.SetDataContractor(input));
ExeResponse(response);
input.Close();
client.Close();
}
Well, this button is actually working. But how perform something like that in php with cURL ? Especially, how to pass those two lines:
client.ClientCredentials.UserName.UserName = "login";
client.ClientCredentials.UserName.Password = "haShedPassw0rdHere";
Therefore, shouldn't it return message like "invalid credentials" or something?
1 answers
solution1
1 ACCPTED 2013-08-07 03:58:29
The error doesnt seem to be on the client side but on the server side. The server says that some security check failed. If it was a client error, you would get nothing but an error by cURL. You get an XML answer.
You should look at the server side.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.