Skip Menu |
 

This queue is for tickets about the libwww-perl CPAN distribution.

Report information
The Basics
Id: 95996
Status: resolved
Priority: 0/
Queue: libwww-perl

People
Owner: Nobody in particular
Requestors: ppisar [...] redhat.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: 6.06
Fixed in: (no value)



Subject: Provide an LWP environment variable and command line option to disable certificate verification
Download (untitled) / with headers
text/plain 649b
There is no way how to disable certificate verification currently. The PERL_LWP_SSL_VERIFY_HOSTNAME controls hostname verification only. This is a request to add a new environment variable (e.g. PERL_LWP_SSL_VERIFY_CERTIFICATE) and a command line option for lwp-request tool to be able to issue requests even if server certificate cannot be positively verified (e.g. unknown certificate issuer or expired certificate). Similar LWP::UserAgent->ssl_opts option "verify_certificate" (resembling "verify_hostname" option) could be introduced too. See <https://github.com/libwww-perl/lwp-protocol-https/pull/14#issuecomment-43234129> for a discussion.


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.