Verisign Identity Protection in PHP

Is there anyone who has an experience on how to integrate Verisign Identity Protection (VIP) in PHP? The dev site provides sample codes for C# and Java only. I’ve tried translating the codes from C# to PHP, however, I’m having some problems on how to apply SSL certificate (.p12) to securely connect to Verisign API.

Thanks

Have you looked at [fphp]curl[/fphp]?

must use SOAP for this one.

do you have any idea?

Off Topic:

It’s the rare programmer that uses soap.

sorry but the api requires to use SOAP…

http://us3.php.net/manual/en/book.soap.php

yeah… that’s the manual…

but first, my concern is to look for a counterpart function on how to apply a SSL certificate in PHP

Apply a what to PHP? Errrm we are going to need more context.

Here’s the C# code for this:

using System;
using System.Collections.Generic;
using System.Text;
using System.IO;
using System.Security.Cryptography.X509Certificates;

    static string certFile = "*******.p12";
    static string certFilePassword = "*********";

static void Main(string args)
{
clientAuthI = new vipSoapInterfaceService();

        applyCert(clientAuthI, certFile, certFilePassword);
    }

private static void applyCert(vipSoapInterfaceService v, String certFileT, String password)
{
FileStream fs = File.Open(certFileT, FileMode.Open, FileAccess.Read);
byte buffer = new byte[fs.Length];
int count = fs.Read(buffer, 0, buffer.Length);
fs.Close();
X509Certificate2 cert = new X509Certificate2(buffer, password);
v.ClientCertificates.Add(cert);
}

Now, I need to write a counterpart code for PHP.

sorry but the api requires to use SOAP…
[/QUOTE]

whooooosh :wink: :rofl:

Why dont your try to write something and then ask for help? You can’t just expect people to write stuff for you… you’ll never learn yourself.

This is what you need:
http://php.net/manual/en/function.stream-context-create.php
http://php.net/manual/en/context.ssl.php

OpenSSL must be installed and enabled for PHP.

Convert you .p12 file to a PEM-encoded file.

Since this is SOAP, you should use the SOAP extension that was linked. It has a parameter for passing in a stream context, which allows you to do what stream_context_create() would do.

Remember to turn on verify_peer and provide a CA file to prevent a man in the middle attack.

Verisign targets “corporatish” clients so java and c#. I work professionally in “corporatish” world so I’m not surprised, I’m rather surprised that you have to do this in PHP. I’m curious to know if it is a client requirement to use Verisign or PHP or if it is your own choice ?

Hello.
Did you solved the connection to VIP with php?
now I have to do the similar thing.
I simple would apply a method with sope protocol, but I got exceptions.

Could you maybe tell me if this was working for you?

Thanks.