On 2/27/13 11:37 AM, Sebastien Koechlin wrote:
> Hello!
>
> I'm using a Perl script to monitor many webservers. I do a request on a page
> using LWP, check header and content, and print the result (OK/WARNING/ERROR).
>
> For https; I would like to also check the certificat expiration date and
> report a WARNING if the expiration date is in few weeks.
>
> Is there any way to access the certificat sent by the remote server using LWP?
>
> (I'm using Red Hat EL 5.3 / perl-libwww-perl-5.805)
>
It's not the most beautiful thing in the world, but you can get access
to the certificate data in the SSL_verify_callback. It gets called for
each certificate in the chain, starting from the root cert. Here's a
basic example:
use strict;
use warnings;
use LWP::UserAgent;
my $last_expire;
my $ua = LWP::UserAgent->new(
ssl_opts => {
SSL_verify_callback => sub {
my ($ok, $ctx_store) = @_;
my $cert = Net::SSLeay::X509_STORE_CTX_get_current_cert($ctx_store);
$last_expire =
Net::SSLeay::P_ASN1_TIME_get_isotime(Net::SSLeay::X509_get_notAfter($cert));
return $ok;
},
},
);
$ua->get('https://www.google.com/');
warn "$last_expire\n";
