Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Disable certificate verification in PHP SoapClient

Tags:

php

soap

https

ssl

soap-client

Summary:
Is there a way to force the built in SoapClient-class in PHP to connect over HTTPS to a server with an invalid certificate?

Why would I want to do that?
I have deployed a new application on a server that has no DNS entry or certificate yet. I want to try connecting to it with a SoapClient before setting up the DNS entry and fixing the certificate, and the most reasonable way to do this seems to be to just make the client ignore the certificate during testing.

Don't I realise that this is a huge security risk?
This is only for testing. When the service goes into production, there will be a valid certificate in place, and the client will be forced to validate it.

like image 460
MW. Avatar asked Dec 09 '11 09:12

MW.

People also ask

How do I disable curls verification certificate?

If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

How do I disable browser certificate?

In the Internet Options window on the Advanced tab, under Settings, scroll down to the Security section. In the Security section, locate the Use SSL and Use TLS options and uncheck Use SSL 3.0 and Use SSL 2.0.

How do I disable SSL certificate verification in SoapUI?

Close any open instance of SoapUI. Uninstall the AppScan SSL Certificate by clicking Tools > Options > Recording Proxy tab > Remove. Note: Ignore the warning that appears.

1 Answers

SoapClient takes a stream context in its parameters, which you can create yourself. That way you can control almost every aspect of the transport layer:

$context = stream_context_create([     'ssl' => [         // set some SSL/TLS specific options         'verify_peer' => false,         'verify_peer_name' => false,         'allow_self_signed' => true     ] ]);  $client  = new SoapClient(null, [     'location' => 'https://...',     'uri' => '...',      'stream_context' => $context ]);

Documentation:

  • stream_context_create() Docs
  • HTTP context options Docs
  • SSL context options Docs
like image 53
Kaii Avatar answered Sep 20 '22 15:09

Kaii
Sign in to Comment

Related questions

Extension mysqli is missing, phpmyadmin doesn't work
What is a slug?
Laravel mysql migrate error
PHP Fatal error: Cannot access empty property
How to generate random date between two dates using php?
How to generate lighter/darker color with PHP?
Select records from today, this week, this month php mysql
Using Carbon to return a human readable datetime difference
hasMany vs belongsToMany in laravel 5.x
How can I compare two sets of 1000 numbers against each other?
fgetcsv fails to read line ending in mac formatted csv file, any better solution?
When to use Try Catch blocks
Do I need to restart Apache after changing the php.ini file?
How can I disable PHP's "easter egg" URLs?
Advantages / Disadvantages of pconnect option in CodeIgniter
Throw a NotImplementedError in PHP?
Is there a difference between the UTC and Etc/UTC time zones?
How can I get php to return 500 upon encountering a fatal exception?
Base64 Encoding Image
How do I make my PHP IDE understand Dependency Injection Containers?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!