Skip Menu |
 

This queue is for tickets about the libwww-perl CPAN distribution.

Report information
The Basics
Id: 99084
Status: resolved
Priority: 0/
Queue: libwww-perl

People
Owner: Nobody in particular
Requestors: piotr.cofta [...] origamienergy.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)



Subject: Error in handing PERL_LWP_SSL_VERIFY_HOSTNAME
Date: Tue, 23 Sep 2014 12:02:38 +0000
To: "bug-libwww-perl [...] rt.cpan.org" <bug-libwww-perl [...] rt.cpan.org>
From: Piotr Cofta <piotr.cofta [...] origamienergy.com>
Download (untitled) / with headers
text/plain 1.7k
Hello, Module LWP::UserAgent Perl version: 5.18.2 Linux Mint 17 I am using this module as a part of VMWare command-line interface. My server has a self-signed certificate and I do not want it to be verified, as the verification fails for the lack of any common root CA. There is a recommendation to set environment variable PERL_LWP_SSL_VERIFY_HOSTNAME to zero to suppress verification, but in my case it was insufficient: I was still receiving errors about SSL3_GET_SERVER_CERFIFICATE. I looked at the code (open source !) and in UserAgent.pm, line 37 I made a change that seems to remove the problem. I have set SSL_verify_mode to zero if verify_hostname is set to zero. It helped. if (exists $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}) { $ssl_opts->{verify_hostname} = $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}; if($ssl_opts->{verify_hostname}==0) { $ssl_opts->{SSL_verify_mode} = 0; } } Please verify/use/improve. BR. Dr Piotr Cofta CISSP FBCS SIEEE Software Architect Piotr.Cofta@origamienergy.com<mailto:Piotr.Cofta@origamienergy.com> www.origamienergy.com<http://www.origamienergy.com/> origamienergy shapingenergywithtechnology Technical Office: Origami Energy Ltd F13 Future Business Centre King's Hedges Road Cambridge CB4 2HY Registered Office: Origami Energy Ltd Ashcombe Court Woolsack Way Godalming GU7 1LQ This email and any attachments transmitted with it are confidential and intended solely for the individual or entity to whom they are addressed. Please notify the sender immediately if you are not the intended recipient and then delete the email from your inbox and do not disclose the contents to another person, use, copy or store the information in any medium. Save trees. Print only when necessary.
On 2014-09-23 08:04:19, piotr.cofta@origamienergy.com wrote: Show quoted text
> Hello, > > Module LWP::UserAgent > Perl version: 5.18.2 > Linux Mint 17 > > I am using this module as a part of VMWare command-line interface. My > server has a self-signed certificate and I do not want it to be > verified, as the verification fails for the lack of any common root > CA. There is a recommendation to set environment variable > PERL_LWP_SSL_VERIFY_HOSTNAME to zero to suppress verification, but in > my case it was insufficient: I was still receiving errors about > SSL3_GET_SERVER_CERFIFICATE. > > I looked at the code (open source !) and in UserAgent.pm, line 37 I > made a change that seems to remove the problem. I have set > SSL_verify_mode to zero if verify_hostname is set to zero. It helped. > > if (exists $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}) { > $ssl_opts->{verify_hostname} = $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}; > if($ssl_opts->{verify_hostname}==0) { > $ssl_opts->{SSL_verify_mode} = 0; } > } > > Please verify/use/improve. >
Possibly related to https://rt.cpan.org/Ticket/Display.html?id=95996


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.