All geek questions in one place

Complete the soap request via https with cURL self-signed certificate

I am trying to fulfill a soap request for a web service written in C # via https. The server uses a self-signed certificate.

After many unsuccessful attempts using SoapClient I decided to use pure cURL to execute the request.

My code is:

 <?php header('Content-Type: text/plain; charset=utf-8'); $url = 'https://ip:8443/ServiceName'; $admin = 'login'; $password = 'haShedPassw0rdHere'; $post = '<soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> // Soap service params xml </soap:Body> </soap:Envelope>'; $headers = array( 'Content-type: text/xml;charset="utf-8"', 'Accept: text/xml', 'Cache-Control: no-cache', 'Pragma: no-cache', 'SOAPAction: https://ip:8443/ServiceName', 'Content-length: ' . strlen($post), ); $curl = curl_init(); $options = array( CURLOPT_URL => $url, CURLOPT_HTTPHEADER => $headers, CURLOPT_HTTPAUTH => CURLAUTH_ANY, CURLOPT_USERPWD => $admin . ':' . $password, CURLOPT_SSL_VERIFYPEER => false, CURLOPT_SSL_VERIFYHOST => false, CURLOPT_POST => true, CURLOPT_POSTFIELDS => $post, CURLOPT_RETURNTRANSFER => true, CURLOPT_HEADER => false, CURLOPT_FOLLOWLOCATION => true, CURLOPT_ENCODING => '', CURLOPT_AUTOREFERER => true, CURLOPT_CONNECTTIMEOUT => 120, CURLOPT_TIMEOUT => 120, CURLOPT_MAXREDIRS => 10 ); curl_setopt_array($curl, $options); var_dump($response = curl_exec($curl)); ?>

Answer:

 string(370) " <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Body> <s:Fault> <faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> a:InvalidSecurity </faultcode> <faultstring xml:lang="ru-RU">     . </faultstring> </s:Fault> </s:Body> </s:Envelope>"

Where:

Error checking message security.

So something like:

Communication Security Check Error.

What I tried:

And also them.

Question: What am I doing wrong?

Sincerely.

PS: Tested with PHP 5.3 , PHP 5.4.14 , PHP 5.5.1 . The results are the same.

UPDv1:

C # source provided by support:

 private void Button_SetData_Click(object sender, EventArgs e) { eLeed.WebServiceClient client = new eLeed.WebServiceClient(); client.ClientCredentials.UserName.UserName = "login"; client.ClientCredentials.UserName.Password = "haShedPassw0rdHere"; Stream input = null; input = GetQuery("ServiceMethod", TextBox_Command.Text); XmlDocument response = new XmlDocument(); response.PreserveWhitespace = true; response.Load(client.SetDataContractor(input)); ExeResponse(response); input.Close(); client.Close(); }

Ok, this button works. But how to do something like this in php using cURL? Especially how to pass these two lines:

 client.ClientCredentials.UserName.UserName = "login"; client.ClientCredentials.UserName.Password = "haShedPassw0rdHere";

Therefore, should it not return a message such as "invalid credentials" or something else?

+4
source share
1 answer

The error does not seem to be on the client side, but on the server side. The server says that some security check failed. If it was a client error, you will not get anything but a cURL error. You get an XML response.

You should look at the server.

+1
source

Source: https://habr.com/ru/post/1495658/

More articles:


All Articles