0

我必须使用(来自我的客户文档)在 .Net 服务器上调用 SOAP WS

SOAP 1.1
WS-Addressing (August 2004)
WS-Security 1.1
WS-Trust (February 2005)
WS-SecureConversation (February 2005)
WS-SecurityPolicy 1.1

我使用 WSO2 WSF/PHP(wso2-wsf-php-src-2.1.0.zip 文件),这是我的客户端

function appel($rec_cert, $pvt_key, $sUrl)
{
$reqPayloadString = <<<XML
<ns1:echo xmlns:ns1="http://wso2.org/wsfphp/samples"><text>Hello World!</text></ns1:echo>
XML;
    $sPolicy = dirname(__FILE__) . '/policy.xml';
    $sAction = "http://www.aaa.fr/SendMessage";
    $reqMessage = new WSMessage($reqPayloadString, array("to" => $sUrl, "action" => $sAction));

    $policy_xml = file_get_contents($sPolicy);
    $policy = new WSPolicy($policy_xml);
    $sec_token = new WSSecurityToken(array("privateKey" => $pvt_key, "receiverCertificate" => $rec_cert));

    $client = new WSClient(array(
        "useSOAP"=>1.1, 
        "useWSA" => 1.0,
        "policy" => $policy, 
        "securityToken" => $sec_token,
    ));

    $resMessage = $client->request($reqMessage);

    printf("Response = %s \n", $resMessage->str);
}

在我的本地网络服务上,它运行良好,但只是在我的客户预生产服务器上抛出异常“错误,未收到响应”。我只是不使用相同的密钥和证书,因为我没有客户密钥。

这是我的本地网络服务

<?php 

function echoFunction($inMessage) {
    $returnMessage = new WSMessage($inMessage->str);
    return $returnMessage;
}

$pub_key = ws_get_cert_from_file("/var/www/samples/security/keys/alice_cert.cert");
$pvt_key = ws_get_key_from_file("/var/www/samples/security/keys/bob_key.pem");

$operations = array("echoString" => "echoFunction");

$actions = array("http://www.aaa.fr/SendMessage" => "echoString");

$policy = new WSPolicy(file_get_contents("policy.xml"));
$sec_token = new WSSecurityToken(array("privateKey" => $pvt_key, "receiverCertificate" => $pub_key));

$svr = new WSService(array(
    "actions" => $actions,
    "operations" => $operations,
    "policy" => $policy,
    "securityToken" => $sec_token));

$svr->reply();

最大的问题是这个错误发生在一个不存在的 url、客户端和服务器之间的不同策略以及我可以在我的服务器上创建的其他几个错误。

第一个证据来自 wsf_php_client.log :

[Mon Jan 28 15:49:02 2013] [error] assertion_builder.c(510) [neethi] Unknown Assertion RampartConfig with namespace http://ws1.apache.org/rampart/policy
[Mon Jan 28 15:49:02 2013] [error] engine.c(548) [neethi] Assertion creation failed from element.
[Mon Jan 28 15:49:02 2013] [error] engine.c(145) [neethi] All creation failed
[Mon Jan 28 15:49:02 2013] [error] engine.c(473) [neethi] All creation failed from element.
[Mon Jan 28 15:49:02 2013] [error] engine.c(190) [neethi] Exactlyone creation failed.
[Mon Jan 28 15:49:02 2013] [error] engine.c(496) [neethi] Exactlyone creation failed from element.
[Mon Jan 28 15:49:02 2013] [error] engine.c(285) [neethi] Policy creation failed.

和第二个(我正在搜索这个)

[Mon Jan 28 16:18:13 2013] [info]  Starting addressing out handler
[Mon Jan 28 16:18:13 2013] [debug] http_transport_sender.c(241) ctx_epr:https://recette.customer.fr/securit.svc
[Mon Jan 28 16:18:13 2013] [debug] http_transport_sender.c(776) using axis2 native http sender.
[Mon Jan 28 16:18:13 2013] [debug] http_sender.c(494) msg_ctx_id:urn:uuid:ef0a33e6-695d-1e21-2453-d43d7e273c95
[Mon Jan 28 16:18:13 2013] [debug] http_transport_utils.c(3794) No session map stored
[Mon Jan 28 16:18:13 2013] [info]  [ssl client] CA certificate not specified
[Mon Jan 28 16:18:13 2013] [error] ssl/ssl_utils.c(50) Cannot find certificates
[Mon Jan 28 16:18:13 2013] [error] ssl/ssl_stream.c(99) Error occurred in SSL engine
[Mon Jan 28 16:18:13 2013] [error] http_client.c(294) Data stream creation failed for Host recette.customer.fr and 443 port
[Mon Jan 28 16:18:13 2013] [error] http_client.c(560) Client data stream null or socket error for host recette.customer.fr and 443 port
[Mon Jan 28 16:18:13 2013] [error] http_client.c(562) A read attempt(HTTP) for the reply without sending the request
[Mon Jan 28 16:18:13 2013] [error] http_sender.c(1303) status_code < 0
[Mon Jan 28 16:18:13 2013] [error] engine.c(171) Transport sender invoke failed
[Mon Jan 28 16:18:13 2013] [error] /home/cedric/wso2-wsf-php-src-2.1.0/src/wsf_client.c(1696) [WSF/PHP] Response Payload NULL( Error number and code) => : 76 :: A read attempt(HTTP) for the reply without sending the request

我在哪里可以找到更多信息来解决我的问题?我已经要求客户告诉我他是否有我的 WS 呼叫的任何痕迹(但我现在仍然没有答案)。

4

1 回答 1

-1

我认为您的服务器没有启动与远程服务器的 SSL 通信。如果它无法将其证书追踪到它知道的根证书颁发机构,则可能会发生这种情况(请参阅https://en.wikipedia.org/wiki/Root_certificate)。

通常您可以禁用此检查(例如,如果您使用 CURL),或者更好地 - 提供 ca.crt 文件的路径。默认情况下,Apache 应该知道它在哪里。例如,它的配置可能包括

SSLCACertificateFile "C:/Program Files/Apache Software Foundation/Apache2.2/conf/keys/ca.crt"

(如http://wso2.org/library/articles/ssl-enabled-web-services-apache-axis2-c中所述)

于 2013-02-07T18:09:44.367 回答