secure server-to-server transmissions

Re: secure server-to-server transmissions

runner7 wrote:
Hi,

Did you look up ftp at www.php.net?
Just type ftp in the searchbox, select the functions, and go.
Read it. :-)

It contains a link to a function named ftp_ssl_connect () which does what you
need.

Regards,
Erwin Moller

Re: secure server-to-server transmissions

runner7 wrote:You could call exec() to use SCP, given both your server and the
recipient system are running *nix.

-Nick

Re: secure server-to-server transmissions

I guess I should have mentioned I may need to use SOAP securely, and as
far as I can tell SOAP only works over HTTP(S?). Any solutions for
using SOAP securely?

Re: secure server-to-server transmissions

On 2 Oct 2006 20:35:50 -0700, "runner7" <runner7@fastma il.fmwrote:
When you've got one server communicating to another, then one of the servers
is just a client, so all the usual secure client-server methods are available:
https, ssh, etc.

--
Andy Hassall :: andy@andyh.co.u k :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool

Re: secure server-to-server transmissions

Andy Hassall wrote:Would it be safe to assume, then, that I could do the following with a
SOAP kit such as NuSOAP and expect secure communications as long as the
server subdomain is properly set up with an SSL certificate? In other
words, all I have done is add "s" to the scheme:

$client = new soapclient('htt ps://sub.domain.com/soap_app.php');

Is anything else needed? Which software is actually handling the
client-side aspects of the secure connection: the web server, the
operating system, NuSOAP, or PHP runtime?

Re: secure server-to-server transmissions

On 3 Oct 2006 15:58:35 -0700, "runner7" <runner7@fastma il.fmwrote:
Yes, that'd get you at least SSL encryption for the communication.
The PHP runtime. PHP can act as an HTTP, HTTPS and FTP client (and more):


There is also an interface to the cURL library which implements many
protocols, and offers more options in some areas than PHP's built in support:


I don't know which one NuSOAP uses, but I would expect that it'd be
configurable and probably use PHP's native support by default with the option
to use cURL.

HTTPS gets you two things; encryption for the traffic to avoid eavesdropping,
and verification of the identity of the site through the certificate to avoid
impostor sites. Encryption may well be enough for you; but if you want to also
verify the certificate, then cURL does this by default (see the
CURLOPT_SSL_VER IFYPEER option), and the PHP HTTPS client doesn't but has an
option for it (see verify_peer at the bottom of
http://uk2.php.net/manual/en/transpo...ransports.inet and then backtrack
through the page to find how to set it).

--
Andy Hassall :: andy@andyh.co.u k :: http://www.andyh.co.uk
http://www.andyhsoftware.co.uk/space :: disk and FTP usage analysis tool

Re: secure server-to-server transmissions

Thanks so much Andy. I'm quite impressed with your knowledge. Would
you mind passing on to us some idea of how you learned what you know
about PHP so we could do the same? Do you have a degree in computer
science?