Beefy Boxes and Bandwidth Generously Provided by pair Networks
Perl: the Markov chain saw
 
PerlMonks  

Re: LWP Can't POST to HTTPS

by daxim (Chaplain)
on Sep 12, 2012 at 16:15 UTC ( #993245=note: print w/ replies, xml ) Need Help??


in reply to LWP Can't POST to HTTPS

Please provide the output of

openssl s_client -connect xxxx.ucf.edu:443


Comment on Re: LWP Can't POST to HTTPS
Download Code
Re^2: LWP Can't POST to HTTPS
by dorko (Parson) on Sep 12, 2012 at 16:41 UTC
    OpenSSL> s_client -connect xxxx.ucf.edu:443 Loading 'screen' into random state - done CONNECTED(000000C0) write:errno=10053 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 321 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- error in s_client OpenSSL> s_client -connect xxxx.ucf.edu:443 Loading 'screen' into random state - done CONNECTED(00000080) write:errno=10054 --- no peer certificate available --- No client certificate CA names sent --- SSL handshake has read 0 bytes and written 321 bytes --- New, (NONE), Cipher is (NONE) Secure Renegotiation IS NOT supported Compression: NONE Expansion: NONE --- error in s_client
    I'm guessing that means I have to provide certs? Looking at brian d foy's blog, something along the lines of
    $ua->ssl_opts( SSL_ca_file => '/path/to/root.crt' );
    or
     $ua->ssl_opts( SSL_ca_file => Mozilla::CA::SSL_ca_file() );
    ?

    Cheers,

    Brent

    -- Yeah, I'm a Delt.
      I've also tried:

      $ua->ssl_opts( verify_hostname => 0 );

      and it didn't work.

      Cheers,

      Brent

      -- Yeah, I'm a Delt.
        But what is debug3 output?
      You certificates seem to be gone. Are they?

      You never said whether adding certificates explicitely worked for you. In any case you can extract the certificates and then blindly accept them.

      echo -n|openssl s_client -connect webcourses.ucf.edu:443 -showcerts|perl -Mautodie -0 -ne'%c = m|^\s*\d+ s:.*?/CN=([^\n]+).*?(-----BEGIN CERTIFICATE-----.*?-----END CERTIFICATE-----)|gms; for (keys %c) { open $c, ">", "$_.crt.pem"; print {$c} $c{$_}; close $c }'

      Translating this to Windows is left as an exercise for you.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://993245]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others having an uproarious good time at the Monastery: (7)
As of 2014-08-23 15:13 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    The best computer themed movie is:











    Results (174 votes), past polls