Hi everyone,
You are right Markus, I am using a unstrusted certificate. Is there any
way to use the SSL filter with untrusted certificates? I know other libs
like LWP can deal with them.
If this is a TODO or a bug I can help you fixing this on the POE SSL
Filter code :)
Regards,
Dario.
On 24/05/11 11:35, Andy Jenkinson wrote:
When doing something similar, I seem to remember I got this error when
attempting to connect via HTTP too. I could be making that up though.
Cheers,
Andy
On 24 May 2011, at 10:07, Markus Müller wrote:
Hello everyone,
I've tried the following program and it works under Debian Squeeze.
The message "POE::Filter::SSL: UNEXPECTED ERROR: ERR1:0 ERR2:1 HINT: Check if you
have configured a CRT and KEY file, and that both are readable at
/usr/share/perl5/POE/Wheel/ReadWrite.pm line 280" occures in my test only if the
browser aborts the connection during SSL handshake because the certificate is untrusted.
In any other case I can see the data the server is returning.
Dieser Verbindung wird nicht vertraut
Sie haben Firefox angewiesen, eine gesicherte Verbindung zu saytest.priv.de:82
aufzubauen, es kann aber nicht überprüft werden, ob die Verbindung sicher ist.
Wenn Sie normalerweise eine gesicherte Verbindung aufbauen, weist sich die
Website mit einer vertrauenswürdigen Identifikation aus, um zu garantieren,
dass Sie die richtige Website besuchen. Die Identifikation dieser Website
dagegen kann nicht bestätigt werden.
Was sollte ich tun?
Falls Sie für gewöhnlich keine Probleme mit dieser Website haben, könnte dieser
Fehler bedeuten, dass jemand die Website fälscht. Sie sollten in dem Fall nicht
fortfahren.
Much regards,
Markus Mueller
#!perl
use strict;
use warnings;
use Socket;
use POE qw(
Wheel::SocketFactory
Wheel::ReadWrite
Driver::SysRW
Filter::SSL
Filter::Stackable
Filter::HTTPD
Component::Server::TCP
);
POE::Component::Server::TCP->new(
Alias => "web_server",
Port => 82,
#ClientFilter => 'POE::Filter::HTTPD', ##WITHOUT HTTPD FILTER THERE ISN'T
HTTP HEADERS!!!
ClientFilter => POE::Filter::Stackable->new(
Filters => [
POE::Filter::SSL->new(crt => 'sslkeys/server.crt', key =>
'sslkeys/server.key'),
POE::Filter::HTTPD->new(),
]
),
ClientInput => \&handle_http_request,
InlineStates => {got_response => \&handle_http_response,},
);
sub handle_http_request {
my ($kernel, $session, $heap, $buf) = @_[KERNEL, SESSION, HEAP, ARG0];
my $content .= "Your URL was: ".$buf->uri."<hr>"
if (ref($buf) eq "HTTP::Request");
$content .= localtime(time());
my $response = HTTP::Response->new(200);
$response->push_header('Content-type', 'text/html');
$response->content($content);
$_[HEAP]{client}->put($response);
$_[KERNEL]->yield("shutdown");
};
POE::Kernel->run;
exit;
I am making a proxy and it must support the https protocol. I am
trying to enable SSL feature in the server side with this command:
POE::Component::Server::TCP->new(
Alias => "web_server",
Port => LISTEN_PORT,
#ClientFilter => 'POE::Filter::HTTPD', ##WITHOUT HTTPD FILTER
THERE ISN'T HTTP HEADERS!!!
ClientFilter => POE::Filter::Stackable->new(
Filters => [
POE::Filter::SSL->new(crt => 'sslkeys/server.crt', key =>
'sslkeys/server.key'),
POE::Filter::HTTPD->new(),
]
),
ClientInput => \&handle_http_request,
InlineStates => {got_response => \&handle_http_response,},
);
But when a https request hit the server I get the following error:
POE::Filter::SSL: UNEXPECTED ERROR: ERR1:-1 ERR2:1 HINT: Check if you
have configured a CRT and KEY file, and that both are readable at
/usr/share/perl5/POE/Wheel/ReadWrite.pm line 280
I don't know what this error means because the files has the
permission flags set to 777. Are required some special certs?
Thanks in advance.
--
Regards,
Darío Rodríguez
Marketing Department
http://www.artica.es
c/ Preciados 44, 1º Derecha. 28013 Madrid
Tel. +34-91-559-7222
Este mensaje se dirige exclusivamente a su destinatario y puede contener
información privilegiada o confidencial. Si no es vd. el destinatario
indicado, queda notificado de que la lectura, utilización, divulgación
y/o copia sin autorización está prohibida en virtud de la legislación
vigente. Si ha recibido este mensaje por error, le rogamos que nos lo
comunique inmediatamente por esta misma vía y proceda a su destrucción.
This message is intended exclusively for its addressee and may contain
information that is CONFIDENTIAL and protected by a professional
privilege or whose disclosure is prohibited by law.
If you are not the intended recipient you are hereby notified that any
read, dissemination, copy or disclosure of this communication is
strictly prohibited by law. If this message has been received in error,
please immediately notify us via e-mail and delete it.