I got two certificate files from the provider, one in a .cer-format and one in a .p7b-format. I then converted the p7b-certificate to a p12-certificate. With this certificate I'm able to connect to the wsdl from my browser. Then I proceeded to convert that certificate to .pem-format, using some instructions I found on this site.
openssl pkcs12 -clcerts -nokeys -out test.pem -in mycert.p12
openssl pkcs12 -nocerts -out key.pem -in mycert.p12
then combing the cert with the key using the following command:
cat test.pem key.pem > cert.pem
Heres my construct for the web service class:
public function __construct() {
$wsdl_url = 'https://url.to/web_service?wsdl';
$pass = 'passphrase';
$cert = 'cert.pem';
try {
$this->client = new SoapClient($wsdl_url, array('local_cert' => $cert, 'passphrase' => $pass));
} catch(SoapFault $e) {
print_r($e);
}
}
And here is the error:
SSL operation failed with code 1. OpenSSL Error messages: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca in /var/www/html/..
Trying to verify the certificate using:
openssl verify cert.pem
gives me the following error:
error 20 at 0 depth lookup:unable to get local issuer certificate
I've also tried creating the .pem-certificate using the following openssl command:
openssl pkcs12 -in mycert.p12 -out mycert.pem
Verifying this gives me OK, but PHP gives me the following error:
Unable to set local cert chain file `mycert.pem'; Check that your cafile/capath settings include details of your certificate and its issuer
I'm assuming it should be possible to make it work somehow, as I am able to access the wsdl through my browser, by using the .p12-certificate. But I'm not able to locate a solution as to how I should proceed. Thanks in advance.