Josh, Thank you a lot for replying. I went through the perldoc and did the following:
1. copy the certificates in a directory under the html
2. set the ENV variables,
export HTTPS_CA_FILE=/certs/wbmQA_cert.cer export HTTPS_CA_DIR=/certs/
3. set the debug mode
Is ther a way to tell from the output below what went wrong?
I think you wanted to use these for client site cert...
# CLIENT CERT SUPPORT
$ENV{HTTPS_CERT_FILE} = 'certs/notacacert.pem';
$ENV{HTTPS_KEY_FILE} = 'certs/notacakeynopass.pem';The CA stuff is to verify the server cert.
--Josh
Thanks again
===OUTPUT
SL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:unknown
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:bad certificate
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv2 write client hello A
SSL_connect:failed in SSLv2 read server hello A
Failed: 500 SSL negotiation failed: error:1406D0FD:SSL routines:GET_SERVER_HELLO:unknown remote error type
500 (Internal Server Error) SSL negotiation failed: error:1406D0FD:SSL routines:GET_SERVER_HELLO:unknown remote error type
Client-Date: Tue, 09 Sep 2003 22:41:09 GMT
======
[EMAIL PROTECTED] wrote:
I have added SSL support to my libwww and I am able to download
some
sites with the LWP::UserAgent. The problem is that there is a site
that
needs me send a certificate for identification otherwise I get the response:
Failed: 500 SSL negotiation failed: error:1406D0FD:SSL routines:GET_SERVER_HELLO:unknown remote error type
Please notice that when I use the browser IE for that URL, it
prompts
me with that client authentication window: "The web site you want
to
view request identification. Select the certificate to use when connecting." Then I can put the certifcate file there and have the browser retrieve the page.
My question is, how can I send a certificate to a server along with with my form post? Thanks a lot for the help.
If you are using Crypt::SSLeay for SSL, then check out the "perldoc
Crypt::SSLeay"
You will find these settings described which may be useful:
# CLIENT CERT SUPPORT $ENV{HTTPS_CERT_FILE} = 'certs/notacacert.pem'; $ENV{HTTPS_KEY_FILE} = 'certs/notacakeynopass.pem';
# CA CERT PEER VERIFICATION $ENV{HTTPS_CA_FILE} = 'certs/ca-bundle.crt'; $ENV{HTTPS_CA_DIR} = 'certs/';
# CLIENT PKCS12 CERT SUPPORT $ENV{HTTPS_PKCS12_FILE} = 'certs/pkcs12.pkcs12'; $ENV{HTTPS_PKCS12_PASSWORD} = 'PKCS12_PASSWORD';
Regards,
Josh
________________________________________________________________ Josh Chamas, Founder phone:925-552-0128 Chamas Enterprises Inc. http://www.chamas.com NodeWorks Link Checker http://www.nodeworks.com
