[英]PayPal ipn handler over TLS instead of SSL using fsockopen
[英]SOAP communication over TLS instead of SSL3.0
我正在使用SOAP与AFAS的Web服务进行通信。 由于已知SSL 3.0协议存在一些安全问题,因此他们已停止支持此协议。 他们现在仅支持TLS 1.0,TLS 1.1和TLS 1.2。 我的PHP SOAP脚本现在崩溃了,并给了我这个错误:
Fatal error: Uncaught SoapFault exception: [WSDL] SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://profitweb.afasonline.nl/profitservices/updateconnector.asmx?wsdl' : failed to load external entity "https://profitweb.afasonline.nl/profitservices/updateconnector.asmx?wsdl"
目前,我不知道该在哪里解决此问题。 我将如何通过其他协议进行通信? 我需要在PHP代码中进行更改还是服务器问题?
在我正在使用的php代码下方,进一步深入了一些服务器信息:
$wsdl = "https://profitweb.afasonline.nl/profitservices/updateconnector.asmx?wsdl";
$client = new SoapClientAuth($wsdl,
array(
'login' => $login,
'password' => $password
));
SoapClientAuth类:
class SoapClientAuth extends SoapClient{
public $Username = NULL;
public $Password = NULL;
/**
*
* @param string $wsdl
* @param array $options
*/
function SoapClientAuth($wsdl, $options = NULL)
{
stream_wrapper_unregister('https');
stream_wrapper_unregister('http');
stream_wrapper_register('https', 'streamWrapperHttpAuth');
stream_wrapper_register('http', 'streamWrapperHttpAuth');
if($options)
{
$this->Username = $options['login'];
streamWrapperHttpAuth::$Username = $this->Username;
$this->Password = $options['password'];
streamWrapperHttpAuth::$Password = $this->Password;
}
#parent::SoapClient($wsdl, ($options?$options:array()));
parent::SoapClient($wsdl, $options);
stream_wrapper_restore('https');
stream_wrapper_restore('http');
}
服务器信息:
Registered PHP Streams: https, ftps, compress.zlib, php, file, glob, data, http, ftp, phar, zip
Registered Stream Socket Transports: tcp, udp, unix, udg, ssl, sslv3, sslv2, tls
SSL Version: OpenSSL/1.0.0
更新我阅读本文后更新了我的第一部分代码,也未成功:(:
$opts = array(
'ssl' => array(
'verify_peer' => true,
'cafile' => '/etc/ssl/certs/cacert.pem',
'verify_depth' => 5,
'CN_match' => 'profitweb.afasonline.nl',
'disable_compression' => true,
'SNI_enabled' => true,
'ciphers' => 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:AES128:AES256:RC4-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK'
)
);
$context = stream_context_create($opts);
$client = new SoapClientAuth($wsdl,
array(
'login' => $login,
'password' => $password,
'stream_context' => $context,
));
我也进行了SSL测试 ,这表明服务器支持TLS 1.0(不支持1.1和1.2)。
您的错误是php中的默认SOAP客户端不支持WSDL ITSELF的身份验证。 是的,这很糟糕,但是您可以每次下载wsdl并从磁盘加载它(不建议这样做,但这是一个很好的廉价解决方案),或者查看其他可能动态获取wsdl的选项,也许使用curl。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.