Beefy Boxes and Bandwidth Generously Provided by pair Networks
There's more than one way to do things
 
PerlMonks  

Re: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize

by rkrieger (Friar)
on Jul 17, 2011 at 15:00 UTC ( #914959=note: print w/ replies, xml ) Need Help??


in reply to "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize

Alternatively, you could place the CA certificate of the party that issued the certificate for your target web site in the HTTPS_CA_DIR. Most commercial CA's link to it on their web site or you may already have it.

As to the setting for HTTPS_CA_DIR: you could create any convenient directory in your code base to hold the certificate and point to that. You may as well keep it close to your code.

Windows places its certificates in special certificate stores (which explains your result in Internet Explorer) that AFAIK are not that easily accessible to non-MS applications.


Comment on Re: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize
Select or Download Code
Re^2: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize
by sam_bakki (Monk) on Jul 18, 2011 at 09:02 UTC

    Hi rkrieger

    I have exported the certificate (in my case it is COMODOHigh-AssuranceSecureServerCA ) from internet explorer to a directory as a .cer file.

    After that I set


    $ENV{HTTPS_CA_DIR} = 'C:\temp\cert'; $ENV{HTTPS_DEBUG} = 1; $ENV{HTTP_DEBUG} = 1;

    but still it is not working , I get the same Error GETing https://www.collabnet.nxp.com/sf/sfmain/do/home: Can't connect to www.collabnet.nxp.com:443 (certificate verify failed) error

    Thanks

      First off: check whart sort of format you exported from your browser. You'll want PEM (plain base64 text with a -----BEGIN CERTIFICATE----- line at start). Try opening your file in a text editor and check if that's what you have. Export in different formats or convert your current file to PEM format (see the OpenSSL manual for that or the openssl) man page on a Unix system.

      In short: when using HTTPS_CA_DIR you need a directory with PEM certificates in files named according to the hash of their (certificate) subject name. Perhaps HTTPS_CA_FILE is more useful for you (if you only have a single CA certificate to handle).

      Why? The CA file directory should hold files in so-called PEM format and follow the instructions as listed in Crypt::SSLeay under Client Certificate Support. In fact, that points to the OpenSSL docs again with more instructions.

        Hi rkrieger

        I ran the same script , which uses WWW::Mechanize to download https:// content. Which works like a charm :) any way thanks again for your advise and information about certificates.

        Another good reason to hate MS Windows :)

        Thanks
        Bakkiaraj M

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://914959]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others romping around the Monastery: (8)
As of 2014-07-23 05:15 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    My favorite superfluous repetitious redundant duplicative phrase is:









    Results (133 votes), past polls