I currently have an ugly problem. I'm trying to use PHP to exchange data with a partner that is using Client certificates for authentication. The client certificate part itself is fine, I found the support for it in the library. The part that's getting me is that they're using a self-signed certificate on their server. While I have a copy of the certificate's public key, I don't see how to inform the SoapClient object that this is the certificate that I should be trusting. A feature of client certificate authentication is that unless the server's certificate is considered trustworthy the client certificate will not be divulged. I'm sure you can see how this situation is causing me a problem. Does anybody know how to convince PHP that it should trust this certificate? I'd be very happy if it were as easy as copying the cert to a special folder. If there's something obvious in the C source I'd even be willing to apply the fix and submit a patch. I have, by the way, managed to connect and authenticate using another library that also used OpenSSL, so I know that PHP could at least be made to handle this situation. Clay Dowling -- Lazarus Notes from Lazarus Internet Development http://www.lazarusid.com/notes/ Articles, Reviews and Commentary on web development -- PHP Soap Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
