Comments (8)
obrunsmann
commented on August 17, 2024
1
Sorry, forgot to update ticket here. Seems that the problem is an issue with openssl. I had the same problem one day later with Amazon S3. The CA Certificate is broken.
So nothing to do here ✌️
from dhl-php-sdk.
Petschko
commented on August 17, 2024
Hm may your Server doesn't allow connections outside? You can still download their file and place it local.
In my Company our Server doesn't allow access to unknow File-Extensions (Whitelist) - So I just added the ".wsdl" File-Extension to the Whitelist and it works^^
from dhl-php-sdk.
Petschko
commented on August 17, 2024
Any News here?
from dhl-php-sdk.
clicktrend
commented on August 17, 2024
Hi @Petschko ,
I'm facing the same error. I'm using openssl 1.1.1c and curl is throwing error
curl -i https://cig.dhl.de/cig-wsdls/com/dpdhl/wsdl/geschaeftskundenversand-api/2.2/geschaeftskundenversand-api-2.2.wsdl
curl: (35) error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small
DHL has a old certificate. To get it work new ciphers must be provided to curl command.
curl -i --ciphers 'DEFAULT:!DH' https://cig.dhl.de/cig-wsdls/com/dpdhl/wsdl/geschaeftskundenversand-api/2.2/geschaeftskundenversand-api-2.2.wsdl
from dhl-php-sdk.
clicktrend
commented on August 17, 2024
This helps
$auth_params = array(
'login' => $this->getCredentials()->getApiUser(),
'password' => $this->getCredentials()->getApiPassword(),
'location' => $location,
'trace' => 1,
'stream_context' => stream_context_create([
'ssl' => [
'ciphers'=>"DEFAULT:!DH"
]
]),
);
But unfortunately your function is private and I cannot override it
from dhl-php-sdk.
Petschko
commented on August 17, 2024
Do you think its a good idea to either:
- Include this by default
- Make the function protected
I can look into that, feel free to let me know more about this!
from dhl-php-sdk.
clicktrend
commented on August 17, 2024
OpenSSL enforce a non-weak DH key because of the Logjam attack. Link. So it makes sense to keep this security enhancement.
The best is that DHL changes its weak certificate. May be they will do it so this issue will be obsolet. In my opinion making the function protected is the best option.
from dhl-php-sdk.
Petschko
commented on August 17, 2024
Thanks for the information!
I made relevant functions protected, so they can overwritten! See: b2cc654
from dhl-php-sdk.
Related Issues (20)
- Remove redundant Code in BusinessShipment.php
- Unauthorized HOT 6
- validateShipment returning statuscode 1 or 0 on refresh HOT 3
- Cases with wrong weak_warning StatusCode HOT 1
- How to create a multi-package-sending? HOT 2
- Geschäftskundenversand-API 3.0 HOT 15
- Geschäftskundenversand-API 3.0 - shipmentNumber HOT 1
- labelFormat Option HOT 5
- GoGreen used in Version 3? HOT 7
- how to connect to production mode using provided credentials HOT 1
- [INFO] about "doManifest" HOT 2
- PHP Version HOT 2
- Exception in extension function java.lang.IllegalArgumentException: is not known
- Endpoints for .com? HOT 1
- returnLabel is empty HOT 5
- SECURITY_VIOLATION HOT 4
- Release of Version HOT 3
- Stuff to fix until 3.0 is fully supported HOT 1
- Encoding: object has no 'ShipmentOrder' property HOT 2
- Failure: Unauthorized HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from dhl-php-sdk.