What is causing my SOAP request to display an 'acceptable signature' error?

What would usually cause the following error within PHP/SOAP Requests?


Error: SoapFault exception: [soap:Client] System.Web.Services.Protocols.SoapException: Server was unable to process request. ---> The request is not signed with an acceptable signature. at WebService.WebService.ProcessMessage(Payload& payload) in /var/www/osp/demo1.php:51 Stack trace: #0 /var/www/osp/demo1.php(51): SoapClient->__soapCall('ProcessMessage', Array) #1 {main}
LAQUEAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

gr8gonzoConsultantCommented:
Basically, a lot of SOAP requests are digitally signed with a private key. The process is pretty complicated to explain if you're not familiar with PKI and transforms, but think of a digital signature like one of those wax seals that used to be put onto envelopes.

The recipient of an envelope with a wax seal could see two things:
1. If it was broken (which would mean that someone had to break the seal to open the envelope, so the contents might have been altered and you couldn't be certain that the message was real.

2. The wax seal usually had some special design so nobody could easily reproduce that design, but it could be recognized by just about anyone else simply by looking at it. So the recipient could use the wax seal to tell if the envelope was really from someone or if it was from an impostor.

Similarly, a private key can take some data (usually XML) and create a digital signature (looks like a bunch of gibberish) that represents that data. The digital signature is then added to the original message.

Then, on the receiving side, someone takes the public key / certificate that matches the private key and can use it to verify the signature (like someone looking at the wax seal). If the signature can be verified using that public key / certificate, then the recipient can know for sure that the message comes from that sender and has not been altered in any way.

So ultimately, it's all about confirming the sender's identity and preventing someone else from tampering with the data.

Getting back to the technical side of things, the message is saying that either:
1. The server is expecting a digital signature and cannot find one in the message.
OR
2. The server found a digital signature but it's invalid.

Either way, the problem is on the sender's end of things. It sounds like the sender needs to add a digital signature to the SOAP message with a private key and make sure the server/recipient has a copy of the public key.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
LAQUEAuthor Commented:
I understand the part of digital signing something for encrypting. The issue i'm running into to is that I'm able to send a basic SOAP request using SOAP Ui and see the output, but when I attempt to use PHP'S soap client I get that error.  How is SOAP Ui able to function and send the request but the php soap client error out?
0
gr8gonzoConsultantCommented:
I would suggest using Fiddler or some other proxy to capture both requests and compare them.
0
Cloud Class® Course: MCSA MCSE Windows Server 2012

This course teaches how to install and configure Windows Server 2012 R2.  It is the first step on your path to becoming a Microsoft Certified Solutions Expert (MCSE).

Ray PaseurCommented:
No points for this, but here is my assessment.  SOAP is an antiquated protocol that never really made any sense.  Unless you're the Government with the force of legal authority behind you, able to compel your clients to use SOAP, you're not likely to get anybody to use SOAP any more.  Most of the major web service providers abandoned it years ago.  The internet is littered with the rotting husks of failed SOAP projects, and as a result, PHP SOAP support is pretty lame and is never going to get any better.  Example: identical property names in different namespaces collide.  This bug is 5 years old and has never been fixed.  I consider PHP SOAP support to be dead.  And that makes sense in a holistic sort of way -- nobody who understands modern software development is going to start work on a new SOAP API today.

In contrast, consider RESTful interfaces.  All the major service providers use REST.  It offers all of the benefits of an API without the stupefyingly bad design of SOAP.  I've never met anyone who could not immediately understand and use a RESTful API.  REST is the design that powers the WWW, so it's pretty sure to be around for a while and fairly well debugged.  If you have any choice in the matter, abandon SOAP and choose REST.
0
gr8gonzoConsultantCommented:
For what it's worth, SOAP is still the primary protocol for some applications/standards like SAML. It'll be a while before it's completely dead, especially with .NET / WCF making SOAP apps pretty easy to build and consume.
0
LAQUEAuthor Commented:
What would be some of my options for connecting to the vendor's server if it's only accepting SOAP requests? I've read in some of the reponses that SOAP almost appears to be a dead end(even thouhg the server i'm trying to extract data from only accepts SOAP requests), but it also appears that using .NET  would be a much easier route to go. Also the machine I would like to run these requests from is Ubuntu/Linux, but I think that would be an issue if I were to go through the .NET route correct?
0
gr8gonzoConsultantCommented:
If the server only accepts SOAP requests, then you're stuck with SOAP.

.NET just offers WCF, which is a framework that makes it a little easier to deal with SOAP endpoints. You point it at a WSDL via "add a service reference" and it'll build out objects for you. However, if you're on Linux, then you probably won't be able to efficiently use that route (you'd have to go through Mono, which is a different sort of deal).

If you're on Linux, I'd just suggest using nuSOAP or something.
0
LAQUEAuthor Commented:
I've requested that this question be deleted for the following reason:

needed to start at the begining with this question.
0
gr8gonzoConsultantCommented:
All of the answers up to this point have been applicable to the original question. Even if you have a new question on this topic, this specific question and the answers may help someone else who is searching for the same problem. You can definitely start a new question, but just close this one out by accepting the most valid comment as the answer.
0
LAQUEAuthor Commented:
Taking a step back with my question. I'm unsure on actually how to implement PHP/SOAPCLIENT. Trying to find more resources on implementing soapui/php's soap client.
0
gr8gonzoConsultantCommented:
My recommendation is to accept #40436245 as the solution to the original question. The asker has opened up a separate question on how to implement PHP/SOAP, but the original question (what would cause that particular error message) is still a valid and common question that is correctly answered by my initial comment.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
PHP

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.