Good day to everyone, I need to scrape some data from an HTTPS site that requires client certificates for authentication. I am able to access the site with a certificate loaded in Netscape 7.1, so I exported the certificate (there are two actually, one for encrypting and one for signing, not sure if this matters) to PKCS12 and tried the following:
__BEGIN__ use strict; use LWP::UserAgent; # DEBUGGING SWITCH / LOW LEVEL SSL DIAGNOSTICS $ENV{HTTPS_DEBUG} = 1; # DEFAULT SSL VERSION $ENV{HTTPS_VERSION} = '3'; # CLIENT PKCS12 CERT SUPPORT $ENV{HTTPS_PKCS12_FILE} = 'test.p12'; $ENV{HTTPS_PKCS12_PASSWORD} = 'password'; my $ua = new LWP::UserAgent; my $req = new HTTP::Request('GET', 'https://example.com'); my $res = $ua->request($req); print $res->status_line."\n"; __END__ Here's the debug output I get: __BEGIN__ SSL_connect:before/connect initialization SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read finished A SSL_connect:SSL renegotiate ciphers SSL_connect:SSLv3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server certificate request A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client certificate A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write certificate verify A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL3 alert read:fatal:certificate unknown SSL_connect:failed in SSLv3 read finished A 500 read failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert certificate unknown | error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure __END__ I'm running on ActiveState 5.8 using Crypt::SSLeay from theoryx5. Could anyone tell me what I'm doing wrong? -- Sean Evans