Thanks for your reply. My work on this has been shelved for a
higher priority (Kerberos stuff, getting to play with all sorts of new
stuff) and letting the c coder duplicate the work. Unfortunately, the
machine is on an internal network, so I don't know how I could have
tested your suggestion.
On 21 Dec 2001 at 12:04, Keary Suska wrote:
> Unfortunately, error messages do not propagate well from SSLeay to LWP, so
> LWP often doesn't give informative messages. It is likely, however, that the
> peer certificate verification is failing. To ensure SSL works correctly,
> comment out all the $ENV lines showing in your script below, and try to
> connect to any public site (that supports SSL, of course) using https.
>
> If that works, then at least the SSL underpinnings are fine. It would also
> indicate the likelihood of a peer verification problem. I don't recall the
> peer verification setup exactly, but IIRC you have to tell SSL where to find
> the root CA certificates, so it can choose the right one for verification.
> At least this is a clue to what may be going wrong...
>
> Keary Suska
> Esoteritech, Inc.
> "Leveraging Open Source for a better Internet"
>
> > From: [EMAIL PROTECTED]
> > Reply-To: [EMAIL PROTECTED]
> > Date: Fri, 21 Dec 2001 06:44:47 -0500
> > To: [EMAIL PROTECTED], [EMAIL PROTECTED]
> > Subject: Re: Crypt::SSLeay
> >
> > On 16 Dec 2001 at 2:43, Joshua Chamas wrote:
> >
> >> timotac wrote:
> >>>
> >>> I have a small perl script I wrote that retrieves files using
> >>> LWP::UserAgent to get files from a cert protected directory off o a web
> >>> server. The script works fine on *nix boxes. Now I have to get it to
> >>> work on an NT box, and I am new to perl on NT.
> >>> I installed activestate perl, then mingw. I compiled openssl, which
> >>> seemed to work just fine (no error messages) using the included
> >>> instructions for mingw.
> >>> Installed the Net::SSLeay package. Move the script over, changed things
> >>>
> >>
> >> Crypt::SSLeay & Net::SSLeay are 2 different things. With ActiveState perl,
> >> try to install Crypt::SSLeay for LWP::UserAgent support with the ppm
> >> installer at $PERL/bin/ppm.pl or some such, then:
> >>
> >> ppm> install Crypt-SSLeay
> >>
> >> If it installs a recent enough Crypt::SSLeay, you should be fine.
> >> If not you can ask activestate to compile the latest version for
> >> their ppm repository.
> >>
> >> --Josh
> >>
> >
> > I made sure Crypt::SSLeay was installed.
> > ppm -query yields Crypt-SSLeay [0.17.1]
> >
> > the script looks like this:
> >
> > use LWP::UserAgent;
> >
> > $ENV{HTTPS_VERSION} = '3';
> > $ENV{HTTPS_CERT_FILE} = 'd:\certs\mycert.pem';
> > $ENV{HTTPS_KEY_FILE} = 'd:\certs\mykey.pem';
> > $ENV{HTTPS_CA_FILE} = 'd:\certs\server.pem';
> >
> > $ua = new LWP::UserAgent;
> > $httpreq = "https://server.com/reports/today.log";
> > $req = HTTP::Request('GET',"$httpreq");
> > $res = $ua->request($req);
> > if ($res->is_error()) {
> > print "Return code ", $res->code,"\n";
> > print "Message ", $res->message, "\n";
> > exit;
> > }
> >
> > print "Content:\n", $res->content;
> >
> >
> > This yields:
> >
> > Return code 500
> > Message read failed:
> >
> >
> > Note that this code works on a linux box, and the https string is valid if
> > entered in
> > netscape on the NT box I am attempting to use.
> > ______________________________________________________________________
> > OpenSSL Project http://www.openssl.org
> > User Support Mailing List [EMAIL PROTECTED]
> > Automated List Manager [EMAIL PROTECTED]
> >
>
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> User Support Mailing List [EMAIL PROTECTED]
> Automated List Manager [EMAIL PROTECTED]
>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
