The self-signed certificate was the problem. Used a regular Server Certificate signed by a CA and used the signer CA certificate with HTTPS_CA_FILE on the Perl script and everything just works !!!
Ran a test with the s_client module of openssl using the self-signed certificate and verify returns an error 18. The Windows version SSLeay.dll we used to test does not have a problem handling self-signed certificates. We used the version distributed by the Univ. of Winnipeg and so my guess is they probably added/modfied code to handle the error 18 that gets returned for self-signed certificates. -R- Saju Panikulam -----Original Message----- From: Saju [mailto:[EMAIL PROTECTED] Sent: Saturday, November 04, 2006 7:36 AM To: '[EMAIL PROTECTED]'; 'libwww@perl.org' Subject: RE: [Crypt::SSLeay] Compile problems on Solaris Thanks. Read about the fix to SSLeay.xs before I got your reply. Added SSL_library_init() at line #125. That change resolved the 'make test' failure; now both tests work and the install phase completes too. But I'm not able to successfully complete a SSL handshake for a https session using Crypt::SSLeay. The other Perl module that I installed is IO::Socket::SSL. The odd thing is if I remove the Perl module Crypt::SSLeay with ppm (Perl Package Manager part of the Perl distribution from Active State) the https connection is made and everything works fine but it does not appear to be validating the X509 certificate it is sent from the server with the CA certificate. In our Perl script we setup the environment variable HTTPS_CA_FILE and it points to a self-signed X509 certificate file. The same self-signed certificate file and it's private key is used on the Server side. This method seems to work perfectly well on a Windows box using the SSLeay.DLL but is causing a SSL negotiation failure on our Sun machine. Thoughts... Is there anyway I can trace the handshake to see where it might be failing. Thanks & Regards, Saju Panikulam -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, November 03, 2006 9:11 AM To: libwww@perl.org Cc: Saju Paul Subject: Re: [Crypt::SSLeay] Compile problems on Solaris > Hello Joshua, > Attempting to build and install Crypt::SSLeay with cpan on my Sun machine. > Solaris 9 is the OS and the compile environment is the SunStudio11; the C > (cc) and C++ (CC ) compiler version are Sun C 5.8. Version of OpenSSL > installed on the system 0.9.8d. If there is any other information that I > have not included let me know and I'll send them along. > > Thanks & Regards, > Saju Panikulam > I posted about this a few days ago -- you need to make a minor change in work with the latest OpenSSL libraries. Near line 107 of SSLeay.xs, either change SSLeay_add_all_algorithms() to SSLeay_add_ssl_algorithms() or add a call to SSL_library_init() make; make test Marvel at how it now works. This message (including any attachments) contains confidential and/or proprietary information intended only for the addressee. Any unauthorized disclosure, copying, distribution or reliance on the contents of this information is strictly prohibited and may constitute a violation of law. If you are not the intended recipient, please notify the sender immediately by responding to this e-mail, and delete the message from your system. If you have any questions about this e-mail please notify the sender immediately.
