setuk1 has asked for the wisdom of the Perl Monks concerning the following question:
Googled around and i cant get an SSL test using IO::Socket:SSL to work. Can someone point me in the right direction to set up SSL validation against a server running https.
And getting:-use IO::Socket::SSL qw(debug4); use Data::Dumper; # simple HTTP client --------------------------------------------- +-- my $sock = IO::Socket::SSL->new( # where to connect PeerHost => "mail.google.com", PeerPort => "443", SSL_verify_mode => SSL_VERIFY_PEER, SSL_ca_path => 'C:\\Users\\Simon\\ptest\\certs' ) or die "failed connect or ssl handshake: $!,$SSL_ERROR";
C:\Users\Simon\ptest>t2.pl DEBUG: .../IO/Socket/SSL.pm:1805: new ctx 46151184 DEBUG: .../IO/Socket/SSL.pm:449: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:451: socket connected DEBUG: .../IO/Socket/SSL.pm:469: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:504: using SNI with hostname mail.google.c +om DEBUG: .../IO/Socket/SSL.pm:540: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:1411: SSL connect attempt failed with unkn +own error DEBUG: .../IO/Socket/SSL.pm:546: fatal SSL error: SSL connect attempt +failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER +_ CERTIFICATE:certificate verify failed DEBUG: .../IO/Socket/SSL.pm:449: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:451: socket connected DEBUG: .../IO/Socket/SSL.pm:469: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:507: not using SNI because hostname is unk +nown DEBUG: .../IO/Socket/SSL.pm:540: Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:1411: SSL connect attempt failed with unkn +own error DEBUG: .../IO/Socket/SSL.pm:546: fatal SSL error: SSL connect attempt +failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER +_ CERTIFICATE:certificate verify failed DEBUG: .../IO/Socket/SSL.pm:1842: free ctx 46151184 open=46151184 DEBUG: .../IO/Socket/SSL.pm:1850: OK free ctx 46151184 failed connect or ssl handshake: Bad file descriptor,IO::Socket::IP co +nfiguration failed SSL connect attempt failed with unknown error erro +r :14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify +failed at C:\Users\Simon\ptest\t2.pl line 6.
As i am testing against google mail - i downloaded all 3 certs in the key chain and put them in the certs dir. mail.google.com.crt GoogleInternetAuthorityG2.crt GeoTrustGlobalCA.crt Any ideas as to what im doing wrong.
|
---|
Replies are listed 'Best First'. | |
---|---|
Re: Guidance on SSL Cert Checking
by sundialsvc4 (Abbot) on Nov 01, 2013 at 01:53 UTC |
Back to
Seekers of Perl Wisdom