Edit report at https://bugs.php.net/bug.php?id=63113&edit=1
ID: 63113
Updated by: fel...@php.net
Reported by: milad dot arabi at gmail dot com
Summary: can't call method from webservice server ssl3
-Status: Feedback
+Status: Not a bug
Type: Bug
Package: OpenSSL related
Operating System: opensuse 11.4
PHP Version: 5.3.17
Block user comment: N
Private report: N
New Comment:
Thanks for the feedback.
Previous Comments:
------------------------------------------------------------------------
[2012-11-04 15:18:28] milad dot arabi at gmail dot com
hi all
one of my friend solved problem by c# on windows server,he import invalid https
certification file into windows and ...
invalid certification cause this problem.
tnx php guys
------------------------------------------------------------------------
[2012-09-20 13:00:04] milad dot arabi at gmail dot com
yes,on my server i connect to 3 other https soap server without any problem
with
php.
when use openssl(from command line) to connect to that 3 server i don't specify
ssl version and work perfectly.
this odd soap server running https over port 8888.is causing the problem?
------------------------------------------------------------------------
[2012-09-20 02:01:17] ahar...@php.net
Does it work if you use a WSDL from a server with a valid SSL certificate?
------------------------------------------------------------------------
[2012-09-19 15:25:26] milad dot arabi at gmail dot com
one think i forgot,that company don't register their domain and we add manually
in DNS server and of course their Certification is invalid.
Server8:~ # openssl s_client -connect suny.iscboard.com:8888 -state
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:unexpected_message
SSL_connect:error in SSLv2/v3 read server hello A
139780943029928:error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
u nexpected
message:s23_clnt.c:658:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 209 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
Server8:~ # openssl s_client -connect suny.iscboard.com:8888 -state -ssl3
CONNECTED(00000003)
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
depth=0 C = IR, ST = Tehran, L = Tehran, O = ISC, OU = Iscboard, CN =
*.iscboard.com
verify error:num=18:self signed certificate
verify return:1
depth=0 C = IR, ST = Tehran, L = Tehran, O = ISC, OU = Iscboard, CN =
*.iscboard.com
verify return:1
SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A
---
Certificate chain
0 s:/C=IR/ST=Tehran/L=Tehran/O=ISC/OU=Iscboard/CN=*.iscboard.com
i:/C=IR/ST=Tehran/L=Tehran/O=ISC/OU=Iscboard/CN=*.iscboard.com
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICSTCCAbKgAwIBAgIESxo90jANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQGEwJJ
UjEPMA0GA1UECBMGVGVocmFuMQ8wDQYDVQQHEwZUZWhyYW4xDDAKBgNVBAoTA0lT
QzERMA8GA1UECxMISXNjYm9hcmQxFzAVBgNVBAMMDiouaXNjYm9hcmQuY29tMB4X
DTA5MTIwNTExMDI0MloXDTE5MTIwMzExMDI0MlowaTELMAkGA1UEBhMCSVIxDzAN
BgNVBAgTBlRlaHJhbjEPMA0GA1UEBxMGVGVocmFuMQwwCgYDVQQKEwNJU0MxETAP
BgNVBAsTCElzY2JvYXJkMRcwFQYDVQQDDA4qLmlzY2JvYXJkLmNvbTCBnzANBgkq
hkiG9w0BAQEFAAOBjQAwgYkCgYEAs+y+EHRnjvdjBdAhEg2PBGn5+IAfG2Funu0c
LmtvSldvH9zALt9J/Kjgdlz24ROmD5xsqAtGXdDJL46lyRHiHVethwiU4p0hF28X
/oqdz/SpGsYWi+ICl/kQAR8E331dvU+LJD4aaf7r/te3NoBMu/37Vc8sc8uWvS77
EAYKXB0CAwEAATANBgkqhkiG9w0BAQUFAAOBgQCRENcpbuz/8FKO+ZnYDvA05Syo
90Jz3REr2n+aTDJGEYpqgRVE3RaIO4X4vQ0IC7E5RnYNjWb4zNDjML8dC1nNnv5J
yAGv+4W9N1NYOrt0ZbwQuVz4GxUE3UwLydnPOYk6hPCme3jwGJ8KWBoMIyP2eJzK
JxvBufnx6803p2b/5g==
-----END CERTIFICATE-----
subject=/C=IR/ST=Tehran/L=Tehran/O=ISC/OU=Iscboard/CN=*.iscboard.com
issuer=/C=IR/ST=Tehran/L=Tehran/O=ISC/OU=Iscboard/CN=*.iscboard.com
---
No client certificate CA names sent
---
SSL handshake has read 1185 bytes and written 321 bytes
---
New, TLSv1/SSLv3, Cipher is EDH-RSA-DES-CBC3-SHA
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : EDH-RSA-DES-CBC3-SHA
Session-ID: 5059EE1FC222FE5DE940379770C555B85F26026B14065894B6B3778B5B945815
Session-ID-ctx:
Master-Key:
EA29F07752B705DEE9D83E5BE5B212FD9F3161323332A30833AD7BA8AC37061721BCE365FADC566A370ABD3B63953261
Key-Arg : None
PSK identity: None
PSK identity hint: None
Start Time: 1348067336
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
---
SSL3 alert read:warning:close notify
closed
SSL3 alert write:warning:close notify
------------------------------------------------------------------------
[2012-09-19 14:47:33] milad dot arabi at gmail dot com
my server under load and i really cant update it,that webservice only accept
specific ip.
file_get_contents result:
Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error
messages: error:140773F2:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert
unexpected message in /data/wwwroot/crm/dga/MustBeDeleted/ter.php on line 4
Warning: file_get_contents(): Failed to enable crypto in
/data/wwwroot/crm/dga/MustBeDeleted/ter.php on line 4 Warning:
file_get_contents(https://mydomain-server.com:8888/bsiws/billing?wsdl): failed
to open stream: operation failed in /data/wwwroot/crm/dga/MustBeDeleted/ter.php
on line 4
------------------------------------------------------------------------
The remainder of the comments for this report are too long. To view
the rest of the comments, please view the bug report online at
https://bugs.php.net/bug.php?id=63113
--
Edit this bug report at https://bugs.php.net/bug.php?id=63113&edit=1
