The rt-mailgate tool has a --no-verify-ssl option, I was wondering if the "rt" 
command line tool has a similar option?

I ask because we have a self signed cert that just doesn't seem to play nice 
with LWP. It used to work fine in RT3 but we upgraded to RT4 yesterday and the 
newer version of LWP isn't having any of it.

Cert verifies OK:
root@ariel:~# openssl verify /etc/ssl/certs/rt.ourdomain.com.au.crt
/etc/ssl/certs/rt.ourdomain.com.au.crt: OK

But rt doesn't like it:
root@ariel:~# rt list
Query:Status!='resolved' and Status!='rejected'
rt: Server error: Can't connect to rt.ourdomain.com.au:443 (certificate verify 
failed) (500)

Which is because of lwp:
root@ariel:~# lwp-request https://rt.ourdomain.com.au
Can't connect to rt.ourdomain.com.au:443 (certificate verify failed)
SSL connect attempt failed error:14090086:SSL 
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at 
/usr/local/share/perl/5.18.2/LWP/Protocol/http.pm line 47.

I realise this isn't an RT problem as it is really LWP, but it would be nice if 
the RT CLI supported a --no-verify-ssl option to workaround these situations. 
As it stands I had to edit the code of /opt/rt4/bin/rt and added the following 
on line 54 which allowed us to move forward, but this will be an issue for 
future upgrades:


Any thoughts?


Dion Gullotta
Far Edge Technology

p. 02 84251400

Reply via email to