LWP::UserAgent to ignore ssl certificate

perlbaski has asked for the wisdom of the Perl Monks concerning the following question:

I have a curl request that goes through fine

 curl -k -L -c cookie.txt -b cookie.txt --user administrator:done!  --
+header "Content-Type:application/json" --header "Accept:application/j
+son" https://10.244.204.25/api/types/names
[download]

The above request works I get

* SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.

Using LWP

use warnings;
use LWP::UserAgent;
require HTTP::Cookies;
my $ua = new LWP::UserAgent;
$ua->agent('Mozilla/5.0');
       $cookie_jar =
          HTTP::Cookies->new( file => 'cookies_lwp.txt', autosave => 1
+, ignore_discard => 1 ); # A cookie file is needed to store the secur
+ity keys.

        $ua->cookie_jar($cookie_jar);

$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;
$ua->default_header( "Accept" =>"application/json"  );
$ua->default_header( "Content-Type" =>  "application/json");
my $netloc="10.244.204.25:443";
$ua->credentials( $netloc, 'Security Realm', 'administrator', 'done!')
+;
 $ua->ssl_opts( verify_hostnames => 0 ,SSL_verify_mode => 0x00);
my $req = new HTTP::Request('GET','https://10.244.204.25/api/types/nam
+es');
my $res = $ua->request($req);
print $res->code, "\n";
print $res->message;

use Data::Dumper;
[download]

This does not work I get '_msg' => 'Can\'t connect to 10.244.204.25:443 (certificate verify failed)',

Doesnt $ua->ssl_opts( verify_hostnames => 0 ,SSL_verify_mode => 0x00); do the equivalent of curl -k which is to use insecure connection?

Comment on LWP::UserAgent to ignore ssl certificate Select or Download Code

Replies are listed 'Best First'.
Re: LWP::UserAgent to ignore ssl certificate by hazylife (Monk) on Mar 18, 2014 at 08:51 UTC
There's a typo in your code: it's `verify_hostname`, not hostnames.	[reply] [d/l]
Re^2: LWP::UserAgent to ignore ssl certificate by perlbaski (Sexton) on Mar 18, 2014 at 20:04 UTC
That really was the problem..Thanks so much for pointing it out! Will be more careful before posting next time!	[reply]
Re: LWP::UserAgent to ignore ssl certificate by Anonymous Monk on Mar 18, 2014 at 08:50 UTC
maybe your version of LWP is too old to support whatever option you're trying .. :/	[reply]
Re: LWP::UserAgent to ignore ssl certificate by t_rex_joe (Sexton) on Mar 18, 2014 at 17:15 UTC
To completely remove SSL Checks.. $ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0; $ENV{HTTPS_DEBUG} = 1; IO::Socket::SSL::set_ctx_defaults( SSL_verifycn_scheme => 'www', SSL_verify_mode => 0, ); $server = "https\:\/\/127.0.0.1"; $user = "user"; $pass = "pass"; $uah = undef; $uah = LWP::UserAgent->new; if($debug == 1) { print "UAH: \"$uah\"\n"; } $post = undef; $post = [ login => $user, password => $pass ]; $req = undef; $req = POST "$server/login", $post; if($debug == 1) { print "REQ: \"$req\"\n"; } $ret = undef; $ret = $uah->request($req); if($debug == 1) { print "-- LINE: \"" . __LINE__ . "\" RET: \"$ret +\"\n"; } $str = undef; $str = $ret->content; #if($debug == 1) { print "-- LINE: \"" . __LINE__ . "\" STR AS CON +TENT: \"$str\"\n"; } [download]	[reply] [d/l]
Re^2: LWP::UserAgent to ignore ssl certificate by perlbaski (Sexton) on Mar 18, 2014 at 20:09 UTC
Hi t_rex_joe, This code is using framework library, and there are exmaples whihc dont have to change ssl module options,but still seem to work for others..not in my environment though. Ther was a typo in one of ssl options verify_hostname, now the script works if I use LWP user agent, but still doesnot work using framework utilities whihc also use LWP... Thanks so much your time!	[reply]


Welcome to the Monastery
	PerlMonks