(This PHP5 latest version, Apache Server latest.) I've worked out (rather easily enough) how to use the SoapClient to access a web service. I am using a WSDL-based SoapClient, over HTTPS, with server authentication by client username and password -- it all works great, only a few lines of code, too -- good stuff! What I am stuck on is verification of the server's certificate with a trusted CA. I cannot find any documentation for accessing these features when using SoapClient from the php_soap extension. (1) It seems like verification of the server certificate is off by default. Is this correct? I cannot find any way to disable it or enable it or check it. Can the "verify peer" option be enabled? Can the option be queried? I see documentation for settings at the CURL or even the SSL level. But I am using the SoapClient, so it's no help. (Or is it?) (2) I cannot find a way to provide a cafile or capath value which would provide the trusted CA certificate used to verify the server certificate. Again, I see documentation for settings at lower level APIs, but I am using the SoapClient. (3) Is there a logging or trace setting that can show if server certificate verification is succeeding or failing, kind of like how openssl s_client does? Thanks for any help. -- PHP Soap Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
