Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:44911 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 39657 invoked from network); 10 Jul 2009 14:49:29 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 10 Jul 2009 14:49:29 -0000 Authentication-Results: pb1.pair.com smtp.mail=rquadling@googlemail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=rquadling@googlemail.com; sender-id=pass; domainkeys=bad Received-SPF: pass (pb1.pair.com: domain googlemail.com designates 209.85.218.206 as permitted sender) DomainKey-Status: bad X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 X-PHP-List-Original-Sender: rquadling@googlemail.com X-Host-Fingerprint: 209.85.218.206 mail-bw0-f206.google.com Received: from [209.85.218.206] ([209.85.218.206:55062] helo=mail-bw0-f206.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id FF/40-37812-8F4575A4 for ; Fri, 10 Jul 2009 10:49:28 -0400 Received: by bwz2 with SMTP id 2so877581bwz.23 for ; Fri, 10 Jul 2009 07:49:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:mime-version:received:reply-to:in-reply-to :references:from:date:message-id:subject:to:cc:content-type :content-transfer-encoding; bh=QGBCds1Gv9u6PhEWSpK/vQg6wv8znskYrEYqcoqDLxw=; b=B1ceyt2rpt5vujUyIlKfxMLHNItrW5IMIYylx4o62SQwoBq+S4Cyafuqglhvf4GPBf SL+aUWJrZwjMsQNP0tHD2aOLMcX8Y4UqZgD+QxVdzG4rHb1Nr5/c3p+9IcKUIoATPM9i G2s6LlDWpeyZvzxPp7sfHAhUiqG5Ec3fxaJis= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=mime-version:reply-to:in-reply-to:references:from:date:message-id :subject:to:cc:content-type:content-transfer-encoding; b=E+LChFY6qeonBWuuvowOsq1+n4bPtglufygkmnHo8j/8fE45uMs7Hp57m4fkV2MJjM R+7zjG1T1hwFhm/yvSxDznL1xz5KGFTaO2bZzYt//mWsA+ovGCtXPgpJMKiSR+L+IN5W bqIfwFIel73nIVfHIRk/XRMLvboU7p6cs7SJE= MIME-Version: 1.0 Received: by 10.223.111.211 with SMTP id t19mr1086311fap.64.1247237365109; Fri, 10 Jul 2009 07:49:25 -0700 (PDT) Reply-To: RQuadling@googlemail.com In-Reply-To: References: <4A5350C7.5060600@gmail.com> <1246976308.10382.68.camel@soundwave.ws.pitbpa0.priv.collaborativefusion.com> Date: Fri, 10 Jul 2009 15:49:05 +0100 Message-ID: <10845a340907100749w57c04c87nc029157fb739388a@mail.gmail.com> To: =?UTF-8?B?RGF2aWQgWsO8bGtl?= Cc: "Brian A. Seklecki" , endrazine , PHP internals Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Subject: Re: [PHP-DEV] Soap over SSL and From: rquadling@googlemail.com (Richard Quadling) 2009/7/10 David Z=C3=BClke : > On 07.07.2009, at 16:18, Brian A. Seklecki wrote: > >> On Tue, 2009-07-07 at 15:42 +0200, endrazine wrote: >>> >>> It is lacking any type of authentication of the payment gateway, which >>> is not acceptable. >>> >> >> I agree+++. >> >> The problem is that PHP SOAP uses an internal "streams" library instead >> of libcurl; the former lacks, the later has, client/server PKI support. > > Nonsense. ext/soap has support for all of this through PHP's "https" stre= am > which wraps the "ssl" stream. > > Please RT(F)M: > http://php.net/manual/en/soapclient.soapclient.php > http://php.net/manual/en/context.ssl.php > > In short: > > $c =3D new SoapClient( > =C2=A0'https://foo/bar.wsdl', > =C2=A0array( > =C2=A0 =C2=A0'stream_context" =3D> stream_context_create(array( > =C2=A0 =C2=A0 =C2=A0'ssl' =3D> array( > =C2=A0 =C2=A0 =C2=A0 =C2=A0'verify_peer' =3D> true > =C2=A0 =C2=A0 =C2=A0) > =C2=A0 =C2=A0)) > =C2=A0) > ); > > There is the whole range of options related to certs, including for CA ce= rts > etc. SoapClient itself has an option for a 'local_cert' as well. > > - David That's a great example. When SVN is back online, I'll add that as an exampl= e. --=20 ----- Richard Quadling Zend Certified Engineer : http://zend.com/zce.php?c=3DZEND002498&r=3D213474= 731 "Standing on the shoulders of some very clever giants!" ZOPA : http://uk.zopa.com/member/RQuadling