jianzhong ding writes:
> I have been struggled recently by a project intended to do web retrive
> from secure web server. Specifically my task is to "POST" to a secure web
> server (HTTPS) and then to retrieve the response sent by the server. (all
> those should be done without browser). I have used the libwww library from
> Perl successfully to do this kind of task from unsecure server. However I
Not knowing what libwww.pm offers, I just speculate that it does not
interface with SSLeay.pm (which is due to complete rewrite by eay real
soon now ;-) so then it would seem that you either must have hacked
libwww to use SSLeay (I haven't heard of anyone doing this, but if you
did, you probably wouldn't be asking the list) or you are trying an
impossible thing.
Luckily there is an easy way out, just grab the http/1.1 rfc, craft
your own request and send it with Net::SSLeay:cat, e.g:
use Net::SSLeay;
$page = Net::SSLeay::cat('www.netscape.com', 443, <<HTTP);
GET /some_page.html HTTP/1.0\r
Accept: */*\r
HTTP
;
> could not do anything with the secure server. here is an example error
> message:
>From which side of connection? I assume the client...
> Server: Netscape-FastTrack/2.01
> Content-Length: 305
> Content-Type: text/html
> Client-Date: Thu, 05 Mar 1998 20:52:15 GMT
> Client-Peer: 129.49.2.200:443
> Client-SSL-Cert-Issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server
> Certification Authority
> Client-SSL-Cert-Subject: /C=US/SP=xxx xxxx/L=xxxxx xxxxx/O=xxxxx xxxxxxxxxxx
> xx xxxx xx xxxxx xxxxx
> xxx xxxx xx xxxxx xxxxx/OU=xxxx
> xxxxxxxxxx/CN=xxxx.xx.xxxxxx.xxx
> Client-SSL-Cipher: RC4-MD5
> Client-SSL-Warning: Peer certificate not verified
> Title: Server Error
Quite puzzling error message indeed. I can't understand your setup
(which you should always explain (i.e. OS version, SSLeay version,
SSLeay.pm version, libwww version, Apache version, etc.) as a basic
civility measure).
> my reasoning of the failure is that Server could not verify my
> virtual browser (accomplished in libwww by UserAgent). Since it could not
> authenticate the client, it refuse to send any encrypted data to this
> fake browser. Is this right? My questions of using SSLeay to solve the
> certificate issuses are:
>
> 1). Do I need to generte a client certificate using SSLeay and
> include it in my Perl program so that the server could send back the
> response?
Generally no. Usually only the server is authenticated using
certificate, so the client does not need one. This of course depends
on the config of the server. The server's administrator can answer you
question.
> PS: I do get the crypt-SSLeay library and Net-SSleay.pm, however according
> to the README from crypt-ssleay, I should wait for Eric's Perl implenmtation of
> SSLeay. Are we close to that point? or I'd better use the C/C++?
Although Eric has been hinting to release a new improved SSLeay.pm, you
are by no means required to wait for him to do that. The existing one,
with its short comings, notably only working with SSLeay 0.6.x series,
still works perfectly well for basic SSL2.
--Sampo
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
