I am attempting to connect to a soap service that requires a client certificate. I am currently developing from localhost with XAMPP.
The file I received (client certificate) from the SOAP service provider came to me as a plain .txt file. I have no idea what format it is in, but I renamed it to.crt and it installed fine in Windows 10 - The service works in SoapUI.
Steps I took:
1) Saved the certificate as soap.service.crt
2) Installed the certificate (Windows 10) - This got SoapUI working. The request and response works fine.
Now, I need to get this working in Apache / PHP
Here is how I set up:
(Request array not shown. Target address is https.)
$my_cert_file = "c:\\xammp\htdocs\website\trunk\soap.service.crt";
$wsdl = "https://some.com/arbitrary/service?wsdl";
$context = stream_context_create([
'ssl' => [
// set some SSL/TLS specific options
'verify_peer' => false,
'verify_peer_name' => false,
'allow_self_signed' => true
]
]);
try
{
$client = new SoapClient ($wsdl, array('trace' => 1, 'local_cert'=>$my_cert_file, 'context'=>$context));
}
catch(Exception $e)
{
echo $e->getMessage();
return;
}
$client->__setSoapHeaders(soapClientWSSecurityHeader());
// I am calling a WSS method - checked and works fine in SoapUI.
$result = $client->authenticateMember($params);
$request = $client->__getLastRequest();
$response = $client->__getLastResponse();
My actual question(s):
I read that I have to include a key in my certificate, essentially my private key concatenated with the received certificate.
1) What format does this concatenated certificate need to be in? 2) How do I generate this private key - does the client certificate need to be input (in other words, is the private key generated "from" the .crt file?) 3) How do I go about doing all this - what tool do I use? (I do have access to an Ubuntu 16.04 vm) 4) Does the call setup look correct to you?
Finally, here is the error I am getting:
SOAP-ERROR: Parsing WSDL: Couldn't load from 'https://some.com/arbitrary/service?wsdl' : failed to load external entity "https://https://some.com/arbitrary/service?wsdl"