SoapServer::SoapServer(): SSL operation failed with code 1

Question

i have exposed a couple of web services through Yii. After upgrading to PHP 5.6.33 from PHP 5.5.x, i face the following error

SoapServer::SoapServer(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

the error occurs on line 166 on framework/web/services/CWebService.php (1.1.19) so far i haven't found any work around, the options property is protected and don't know how to bypass this issue, but still http://php.net/manual/en/soapserver.soapserver.php doesn't seem to support same options as SoapClient

            $options["stream_context"] = stream_context_create([ 
                "ssl" => [ 
                    // set some SSL/TLS specific options 
                    "verify_peer" => false, 
                    "verify_peer_name" => false, 
                    "allow_self_signed" => true 
                ]]); 

Answer 1

We ended up that it was a server configuration issue. The production servers didn't faced this issue since the certificate was signed from a known authority however in the private servers, we needed to edit the php.ini file

openssl.cafile = "/etc/path/to/pem/file.pem"

Answer 2

I got the error too on Linux (Ubuntu) with PHP7.2 when I tried to create SoapServer in my development environment. If you do not want to set the PHP openssl.cafile globally, just copy your Root CA into the correct folder and update certificates:

sudo cp my_root_ca.pem /usr/share/ca-certificates/my_root_ca.crt
sudo dpkg-reconfigure ca-certificates
sudo update-ca-certificates

While reconfigure ca-certificates you need to select your own certificate and activate it. (If you do not need your Root CA anymore in your develop environment just reconfigure certificates again, unselect your CA from the list and finally update certificates.)