Hi,
I have a Perl script that fails on iPlanet web servers, but works on all the others I have encountered. Below is the script and the outputs from a failed fetch and a successful fetch. Perhaps iPlanet is looking for a slightly different format in the cert and key files? I'd appreciate any help you may be to offer. Thanks, John ------------------------------------ o PERL Script #!/usr/bin/perl use strict; use LWP::UserAgent; my $ua; my $request; my $response; #$ENV{HTTPS_VERSION} = '3'; $ENV{HTTPS_DEBUG} = 8; $ENV{HTTPS_CERT_FILE} = '/x/fwire/apl/dt_cl.crt'; $ENV{HTTPS_KEY_FILE} = '/x/fwire/apl/dt.key'; print "url is $url\n"; $ua = LWP::UserAgent->new(); $request = new HTTP::Request('GET', $url ); $response = $ua->request($request); ------------------------------------ o DEBUG output from URL that fails: ieh1: perl df.pl url is https://www.rmao.com/OASIS/CSU/data/LIST?LIST_NAME=LIST&FMT=DATA SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server certificate request A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client certificate A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write certificate verify A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL3 alert read:fatal:certificate unknown SSL_connect:failed in SSLv3 read finished A SSL_connect:before/connect initialization SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server certificate request A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client certificate A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write certificate verify A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL3 alert read:fatal:certificate unknown SSL_connect:failed in SSLv3 read finished A SSL_connect:before/connect initialization SSL_connect:SSLv2 write client hello A SSL_connect:SSLv2 read server hello A SSL_connect:SSLv2 write client master key A SSL_connect:SSLv2 client start encryption SSL_connect:SSLv2 write client finished A SSL_connect:SSLv2 read server verify A SSL_connect:SSLv2 read server finished A SSL_connect:SSLv2 write client certificate A SSL_connect:error in SSLv2 read server finished A ===> response as string is: 500 (Internal Server Error) SSL negotiation failed: error:1406C0C8:SSL routines:GET_SERVER_FINISHED:peer error Client-Date: Mon, 22 Jul 2002 22:13:06 GMT ------------------------------------ o DEBUG output from URL that works: ieh1: df.pl url is https://vacar.jtsin.com/OASIS/DUK/data/LIST?LIST_NAME=LIST&FMT=DATA SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read finished A SSL_connect:SSL renegotiate ciphers SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server certificate request A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client certificate A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write certificate verify A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read finished A ===> response as string is: HTTP/1.1 200 OK Connection: close Date: Mon, 22 Jul 2002 22:18:11 GMT Server: Microsoft-IIS/4.0 Content-Type: text/x-oasis-csv Client-Date: Mon, 22 Jul 2002 22:15:43 GMT Client-Response-Num: 1 Client-SSL-Cert-Issuer: /C=US/O=Digital Signature Trust Co./OU=TrustID Server/CN=TrustID Server CA A5 Client-SSL-Cert-Subject: /C=US/O=ISO NEW ENGLAND/OU=ISO NEW ENGLAND/CN=vacar.jtsin.com Client-SSL-Cipher: RC4-MD5 Client-SSL-Warning: Peer certificate not verified ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]