2009/7/10 David Zülke <david.zue...@bitextender.com>: > On 07.07.2009, at 16:18, Brian A. Seklecki wrote: > >> On Tue, 2009-07-07 at 15:42 +0200, endrazine wrote: >>> >>> It is lacking any type of authentication of the payment gateway, which >>> is not acceptable. >>> >> >> I agree+++. >> >> The problem is that PHP SOAP uses an internal "streams" library instead >> of libcurl; the former lacks, the later has, client/server PKI support. > > Nonsense. ext/soap has support for all of this through PHP's "https" stream > which wraps the "ssl" stream. > > Please RT(F)M: > http://php.net/manual/en/soapclient.soapclient.php > http://php.net/manual/en/context.ssl.php > > In short: > > $c = new SoapClient( > 'https://foo/bar.wsdl', > array( > 'stream_context" => stream_context_create(array( > 'ssl' => array( > 'verify_peer' => true > ) > )) > ) > ); > > There is the whole range of options related to certs, including for CA certs > etc. SoapClient itself has an option for a 'local_cert' as well. > > - David
That's a great example. When SVN is back online, I'll add that as an example. -- ----- Richard Quadling Zend Certified Engineer : http://zend.com/zce.php?c=ZEND002498&r=213474731 "Standing on the shoulders of some very clever giants!" ZOPA : http://uk.zopa.com/member/RQuadling -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
