Hi. I'm trying to connect to a webservice using WS-Security. I am currently using wsf/php library in generating the WS-Security header. The problem is i am getting a "the certificate used for the signature is not trusted" error. We have developed a java application that connects to the same service and uses the same certificate and key and it was able to go through. So i am positive that the certificate i'm using is valid. The java app by the way uses apache axis2.
Also, i noticed that the signature value generated by the java app looks different than that of the one generated by wsf/php. The signature value generated by java prints in multiple lines while the value generated by php just prints in one line. I am not sure if that has something to do with the error i am getting but if i edit the security header (generated by java), such that the signature value will print in one line, it gives me the error i mentioned above.
Can somebody help me please? Thanks!
Below is my code:
$reqMessage = new WSMessage($data, array("to"=>$url));
// loading the keys
$client_cert = ws_get_cert_from_file($clientcert);
$server_cert = ws_get_cert_from_file($servercert);
$my_key = ws_get_key_from_file($certkey);
// preparing the policy array
$sec_array = array("sign"=> TRUE,
"algorithmSuite" => "Basic256Rsa15",
"securityTokenReference" => "Direct");
$policy = new WSPolicy(array("security"=>$sec_array));
// preparing the security_token
$sec_token = new WSSecurityToken(array(
"certificate" => $client_cert, "privateKey"=>$my_key, "receiverCertificate" => $server_cert));
// create the client using the policy and sec token
$client = new WSClient(array("useMTOM" => FALSE,
"useWSA" => FALSE,
"useSOAP" => "1.1",
"policy" => $policy,
"securityToken" => $sec_token,
"wsdl" => $wsdl,
"CACert" => $servercert));
// invoke the request
$resMessage = $client->request($reqMessage);