soap - Php SoapClient stream_context option

Question

I want to use a third party's web service. To use the web service I need to connect with HTTPS. My problem is that for the development process I have a test api with an invalid certificate. I would like to set SoapClient no to verify the server's certificate. Here is the way I tried:

$opts = array(
    'ssl'   => array(
            'verify_peer'          => false
        ),
    'https' => array(
            'curl_verify_ssl_peer'  => false,
            'curl_verify_ssl_host'  => false
     )
);
$streamContext = stream_context_create($opts);
$client = new SoapClient("https://urlToSoapWs",
  array(
      'login'             => 'user',
      'password'          => 'pwd',
      'authentication'    => SOAP_AUTHENTICATION_BASIC,
      'local_cert'        => file_get_contents('C:/somelocation/1.pem'),
      'passphrase'        => 'passphrase',
      'stream_context'    => $streamContext
  ));

I also tried with CURL and worked! But I want to use SoapClient. You can find the code with CURL below:

// create a new cURL resource
$ch = curl_init("https://urlToSoapWs");

// setting the request type to POST: 
curl_setopt($ch, CURLOPT_POST, 1);

curl_setopt($ch, CURLOPT_HTTPHEADER, array("Content-Type: text/xml")); 
// setting the authorization method to BASIC: 
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); 
// supplying your credentials: 
curl_setopt($ch, CURLOPT_USERPWD, "user:pwd");

$body = "<SOAP-ENV:Envelope>somexmlhere</SOAP-ENV:Envelope>";
// filling the request body with your SOAP message: 
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);

// configuring cURL not to verify the server certificate: 
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSLCERT, "pathToTheCertificatePemFile");
curl_setopt($ch, CURLOPT_SSLCERTPASSWD, "pwd");
//curl_setopt($ch, CURLOPT_SSLCERTTYPE, "PEM");

curl_setopt($ch, CURLOPT_SSLKEY, "pathTotheKeyFile");
curl_setopt($ch, CURLOPT_SSLKEYPASSWD, "pwd");

// telling cURL to return the HTTP response body as operation result 
// value when calling curl_exec: 
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); 
// calling cURL and saving the SOAP response message in a variable which 
// contains a string like "<SOAP-ENV:Envelope ...>...</SOAP-ENV:Envelope>": 


$result = curl_exec($ch);
// closing cURL: 
curl_close($ch);

If you have found the bug in the code that I provided using the SoapClient please post it. Thanks.

Answer 1

Maybe not the invalid Certificate is a Problem, more the SSLv2/3 Handshake; can you try manually specifing a Cipher like this:

$stream_opts = array(
//      'ssl'=>array('ciphers'=>"3DES" // also working
//      further ciphers on http://www.openssl.org/docs/apps/ciphers.html
        'ssl'=>array('ciphers'=>"SHA1"
      )
);

$myStreamContext = stream_context_create($stream_opts);
$soapOptions['stream_context'] = $stream_opts;
$soapClient = new SoapAuthClient("https://...", $soapOptions);

Good luck!