SOAPClient and certificates


I’m trying to connect to a web-service and was provided a certificate as a .cer file. I have tried to use it like this:

        $client = new SoapClient(self::O_PINGWSDL,
                    array('login'       => self::O_USERID,
                        'password'      => self::O_PASSWORD,
                        'cache_wsdl'    => 'WSDL_CACHE_NONE',
                        'local_cert'    => 'path/to/cert.cer',
                        'trace'         => 1));

I expected this to work but I’m still getting this error:

SoapFault exception: [HTTP] Could not connect to host in …

So, I visited the address specified in the <soap:address location=“…”/> element of the WSDL and my browser prompted me to accept the certificate, which I did, and got a result.

So, I’m allowed on to their server, but I can’t do it with SOAPClient for some reason.

Here is a var_dump() of my SOAPClient object:

  public '_login' => string 'our_username' (length=16)
  public '_password' => string 'our_password' (length=16)
  public 'trace' => int 1
  public '_stream_context' => resource(20, stream-context)
  public '_soap_version' => int 1
  public 'sdl' => resource(21, Unknown)

Any ideas where I might be going wrong? The _stream_context value has baffled me a little TBH; I was expecting it to say “_local_cert” but it doesn’t. Is this anything to do with using a .cer certificate instead of a .pem do you think?

Thanks all

Just been doing a little more investigation. I find that if I comment out this line…

'local_cert'    => 'path/to/cert.cer',

…then I send headers. With that line (obviously with the correct path to the certificate, relative or absolute) I’m not sending headers. What gives? Any ideas?

Well b*gger me if I wasn’t lead on a wild goose chase when they sent me the certificate. I’d read the documentation and there was no mention of it and suddenly an email turns up with usernames, passwords and a certificate attached and I made an incorrect assumption… and wasted nearly a whole day. Stopped trying the certificate and started to pay attention to the response and I fixed it. Turns out the SOAP Server author doesn’t know proper camelCase and I’d incorrectly written requestId instead of requestID. The WSDL allowed it but the SOAP Server didn’t. Once I’d spotted that in the response I realised that the certificate wasn’t supposed to be used and we were up and running as expected.

Result! (And I feel like a plank) Oh well