I'm trying to use soap to call a webservice but I keep getting the following error "Warning: SoapClient::SoapClient(): Unable to set private key file".
I'm assuming that the error comes due to the fact the the .cer file I am using only includes public key and no private key. But i'm not sure of another way to use the .cer file. If i don't use the .cer file i can connect just fine and I am able 开发者_如何学Pythonto call and receive results when i use the __getFunctions()
method. However, when i try to use other methods i need to be authorized and that leads to the problem. Below is the simple code i am trying to use. Please let me know if more information is required.
ini_set('display_errors',1);
error_reporting(E_ALL);
ini_set('soap.wsdl_cache_enabled', 0);
$username = 'user';
$password = 'pass';
$ns = 'GatewayEDI.WebServices';
$auth = array();
$auth['User'] = new SOAPVar($username, XSD_STRING, null, null, null, $ns);
$auth['Password'] = new SOAPVar($password, XSD_STRING, null, null, null, $ns);
$headerBody = new SOAPVar($auth, SOAP_ENC_OBJECT);
$header = new SOAPHeader($ns, 'AuthSOAPHeader', $headerBody);
$client=new SoapClient('https://url/Service.asmx?WSDL',
array(
'local_cert' => 'file.cer'
));
$client->__setSOAPHeaders(array($header));
$param = array(
'X12Input'=>"testing",
"GediPayerID"=>"52",
"ResponseDataType"=>"Xml"
);
//this leads to private key error
echo $result = $client->DoInquiryByX12Data($param,$header);
I believe your .pem/.cer file should have your private key in it:
-----BEGIN RSA PRIVATE KEY-----
# base64 encoded key
-----END RSA PRIVATE KEY-----
-----BEGIN CERTIFICATE-----
# base64 encoded cert
-----END CERTIFICATE-----
If your private key's first line has a directive similar to "Proc-Type: 4,ENCRYPTED" you'll need to include the "passphrase" option when constructing your SoapClient()
. You can also strip the passphrase requirement with OpenSSL, my syntax is a bit rusty so you may want to double check if you try it:
openssl rsa -in /path/to/private.key -out /path/to/private.key
"private.key" should be just the private key in this context (you can add it into the .cer/.pem file after the passphrase has been removed.
精彩评论