Crypt::SSLeay version .49.
I'm having an issue with receiving a result of...
.... stuff before .... Client-SSL-Cipher: EDH-RSA-DES-CBC3-SHA Client-SSL-Warning: Peer certificate not verified .... stuff after ....
response from a server. The weird thing is that it used to work about a week ago, and I don't remember making any upgrades, etc...
Whether or not you are doing any peer cert verification, LWP will add that Client-SSL-Warning header to the response output. I had submitted a patch a while back that would fix this in LWP, I think at least a couple times, and have given up. Just know that if you are doing peer cert verification with configs like:
# CA CERT PEER VERIFICATION
$ENV{HTTPS_CA_FILE} = 'certs/ca-bundle.crt';
$ENV{HTTPS_CA_DIR} = 'certs/';Then it will work, or throw an error like:
SSL negotiation failed: error:1407E086:SSL routines:SSL2_SET_CERTIFICATE:certificate verify failed
The patch I had submitted this before for LWP was:
[EMAIL PROTECTED] libwww-perl-5.64]# diff -u lib/LWP/Protocol/https.pm.old
lib/LWP/Protocol/https.pm
--- lib/LWP/Protocol/https.pm.old Fri Nov 16 18:10:28 2001
+++ lib/LWP/Protocol/https.pm Mon Mar 18 12:38:37 2002
@@ -34,7 +34,9 @@
$res->header("Client-SSL-Cert-Subject" => $cert->subject_name);
$res->header("Client-SSL-Cert-Issuer" => $cert->issuer_name);
}
- $res->header("Client-SSL-Warning" => "Peer certificate not verified");
+ if(! eval { $sock->get_peer_verify }) {
+ $res->header("Client-SSL-Warning" => "Peer certificate not verified");
+ }
}Regards,
Josh
________________________________________________________________ Josh Chamas, Founder phone:925-552-0128 Chamas Enterprises Inc. http://www.chamas.com NodeWorks Link Checking http://www.nodeworks.com
