Have you ever tried to obtain an X509 certificate from a remote site? This is quite required when you need to write a PHP client to securely access a web service using WSF/PHP. Or may be a Ruby client using WSF/Ruby.
Naaah...!!! this is not only for WSF or for web services stuff. But also if you need simply to encrypt locally and send the file as an attachment to a remote party via mail or to verify a signature of an attachment.
OK. This is how you do it. Simply enter the following command. Here we are going to obtain the google's certificate. Never forget to have openssl installed in your system.
echo | openssl s_client -connect 64.233.161.103:443 2>&1 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > cert.cert
Note that we are saving the file as cert.cert. You are free to use any file name.
OK. Now by simply replacing the ip address (64.233.161.103) from yours, you can obtain the X509 certificate of your desired site.
Subscribe to:
Post Comments (Atom)
4 comments:
I'm trying to get a wsf/php ws client going over ssl and I'm not sure why I have to create certificates. I would love an article explaining why we have to do this when we don't have to when using other soap libraries, and also a tutorial explaining start to finish how to use a ws client over ssl.
Here, Here! What is the deal with these certs when communicating to a WSF/PHP Service on a domain already configured for SSL (HTTPS)?
Really hope this one isn't a deal breaker for WSF/PHP for us, as we've really enjoyed everything up to this point, primarily WS-Security and WS-Addressing, etc...
Is WSClient REQUIRED to interact with "secure WSF/PHP services" ? I doubt that many of our end-users will be running WSF/PHP WSClient over native PHP SOAP or NuSOAP, for example.
The certificate you need is for message level security. For example if you need to encrypt a body of a SOAP message you have to obtain the recipient's certificate. Please refer the following article for more details.
http://wso2.org/library/2814
And also
Difference between Transport-Layer and Message-Level Security
HTH...
Malinda,
Please see my reply in the WSO2 WSF/PHP Forum:
http://wso2.org/forum/thread/5193
There is a patch referenced in my post that I hope to see implemented into the next WSF/PHP revision (in the event it hasn't already!)
Post a Comment