对 SSL 的 Soap 客户端调用 [英] Soap Client Call to SSL
问题描述
我正在尝试从 HTTPS 服务器获取 WSDL 的内容
I am trying to get the content of WSDL from HTTPS Server
<?php
echo file_get_contents("https://zendsoap.lan/Zend_Soap_Server.php?wsdl");
?>
它返回:
警告:file_get_contents() [function.file-get-contents]:SSL 操作失败,代码为 1.OpenSSL 错误消息:error:1408E0F4:SSL 例程:func(142):reason(244) in/Applications/AMPPS/www/zendSoap.lan/Zend_Soap_Client.php 第 4 行
Warning: file_get_contents() [function.file-get-contents]: SSL operation failed with code 1. OpenSSL Error messages: error:1408E0F4:SSL routines:func(142):reason(244) in /Applications/AMPPS/www/zendSoap.lan/Zend_Soap_Client.php on line 4
警告:file_get_contents() [function.file-get-contents]:无法在第 4 行的/Applications/AMPPS/www/zendSoap.lan/Zend_Soap_Client.php 中启用加密
Warning: file_get_contents() [function.file-get-contents]: Failed to enable crypto in /Applications/AMPPS/www/zendSoap.lan/Zend_Soap_Client.php on line 4
警告:file_get_contents(https://zendsoap.lan/Zend_Soap_Server.php?wsdl) [function.file-get-contents]:无法打开流:操作在/Applications/AMPPS/www/zendSoap.lan/中失败Zend_Soap_Client.php 第 4 行
Warning: file_get_contents(https://zendsoap.lan/Zend_Soap_Server.php?wsdl) [function.file-get-contents]: failed to open stream: operation failed in /Applications/AMPPS/www/zendSoap.lan/Zend_Soap_Client.php on line 4
当我可以转到 WSDL 位置时 (https://zendsoap.lan/Zend_Soap_Server.php?wsdl):一切看起来都很好.
AND when I can goto the WSDL Location (https://zendsoap.lan/Zend_Soap_Server.php?wsdl): Everything looks fine.
P.S:谁能告诉我如何共享 WSDL 文件
P.S: Can anybody tell me how can I share the WSDL file
推荐答案
我同意 RockyFord 的观点,认为这是一个 SSL 问题(我很确定你会有一个自签名证书,并且由于使用 SSL,有一个您需要采取几个步骤来最大程度地减少安全问题).关于眼前的问题,您可以尝试使用类似于此的代码修复它:
I agree with RockyFord regarding it being an SSL issue (I'm pretty sure you will have a self signed certificate in place and due to using SSL there are a few steps you will need to take in order to minimise security concerns). Regarding the immediate issue you could try fixing it with code similar to this:
$url = 'https://zendsoap.lan/Zend_Soap_Server.php?wsdl';
$contextOptions = array(
'ssl' => array(
'verify_peer' => true,
'CN_match' => 'zendsoap.lan' // assuming zendsoap.lan is the CN used in the certificate
)
);
$sslContext = stream_context_create($contextOptions);
$wsdlContent = file_get_contents($url, NULL, $sslContext);
(更新: 将上面的代码更改为
'verify_peer' => false
虽然对于基本开发来说可能没问题,但这并不是一个好主意,绝对不应该在生产环境中使用,因为它会带来严重的安全问题 - 请参阅这篇关于 如何从 PHP 代码通过 SSL 正确保护远程 API 调用作者:Artur Ejsmont 了解有关此主题的更多信息以及 Transport层安全备忘单和保护Web服务 来自 OWASP)
while it may be ok for basic development it's not really a good idea and definitely shouldn't be used in a production environment as it introduces serious security concerns - see this excellent article on How to properly secure remote API calls over SSL from PHP code by Artur Ejsmont for more on this subject as well as the Transport Layer Security Cheat Sheet and Securing Web Services by OWASP)
要了解您在 Zend Framework 应用程序中共享 WSDL 的观点,您可以执行以下操作来开始:
To pick up on your point regarding sharing a WSDL from within a Zend Framework application you could do something like this to get started:
// go to application/configs/application.ini
// if your APPLICATION_ENV is development then add the following line in the development section:
phpSettings.soap.wsdl_cache_enabled = 0
上面的行将防止您的 wsdl 在开发过程中被缓存.接下来你可能想创建一个 SoapController 并像这样添加这个动作:
The line above will prevent your wsdl being cached during development. Next you might want to create a SoapController and add this action like this:
public function serverAction()
{
$baseUrl = 'http://zendsoap.lan/soap/server';
if( isset( $_GET['wdsl'] ) ) {
$strategy = new Zend_Soap_Wsdl_Strategy_AnyType();
$server = new Zend_Soap_AutoDiscover($strategy);
$server->setUri($baseUrl);
$server->setClass('Application_Model_Web_Service');
$server->handle();
} else {
$server = new Zend_Soap_Server($baseUrl . '?wsdl');
$server->setClass('Application_Model_Web_Service');
$server->handle();
}
}
上述方法的好处是 WSDL 将即时为您生成.您会注意到 setClass() 方法将使用作为唯一参数传递的Application_Model_Web_Service"来调用.为了测试您的配置,我建议您创建该类并插入下面的方法.使用包含单一方法的简单服务测试您的配置将帮助您在使服务变得更复杂之前进行故障排除.这是示例方法:
The nice thing about the approach above is the WSDL will be generated for you on the fly. You will have noticed the setClass() method is going to be called with 'Application_Model_Web_Service' passed as the only parameter. To test your configuration I recommend you create that class and insert the method below. Testing your configuration with a simple service containing a single method will help you with troubleshooting before you make the service more complex. Here is the example method:
// Note: you should definitely comment your methods correctly in the class so
// the WSDL will be generated correctly - by that I mean use @param and @return
// so the correct input and output types can be determined and added to the WSDL
// when the the ZF component generates it for you
/**
* @return string
*/
public function getMessage()
{
return 'ok';
}
(更新: 也是为了回答您提出的关于使用 Zend_Soap_Client 访问网络服务的问题,因为看起来您打算使它是一项安全服务,我建议您提出一个关于使用 php 设置安全肥皂服务的单独问题.如果您详细解释了您在该问题中尝试做的事情,您可能会从一系列专家那里得到一些很好的意见.实践:-)
(UPDATE: Also in response to the question you asked regarding using Zend_Soap_Client to access the web service, since it looks like you're intending to make it a secure service I'd suggest you raise a separate question regarding setting up secure soap services with php. If you explain more about what you're trying to do in that question you may get some good input from a range of experts on best practices :-)
)
我知道您是 SO 新手,所以如果您对答案感到满意,您可以接受它,通常最好只回复一个答案,而不是添加另一个答案来回复.当然,当你知道怎么做时很容易,当有人告诉你时更容易;-)
I know you're new to SO so if you're happy with the answer you can accept it, also generally it's best to just reply to an answer rather than add another answer to reply. Easy when you know how of course and even easier when someone tells you ;-)
这篇关于对 SSL 的 Soap 客户端调用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
