PERL_LWP_SSL_VERIFY_HOSTNAME setting to 0 is not working

perl ssl vmware cpan lwp
17,321

Solution 1

I have had the very same problem - I solved it by typing "use Net::SSL;" before the requests.

Also tried to find out what library is causing the problem because it's definately an upgraded module that is causing it. Most sites were okay though, but one site's certificate wouldn't validate.

Solution 2

Rather than using use Net::SSL; soon in your code, you can achieve more predictable behavior with:

$ENV{PERL_NET_HTTPS_SSL_SOCKET_CLASS} = 'Net::SSL';

And now PERL_LWP_SSL_VERIFY_HOSTNAME set to zero will work as expected. But changing the underlying implementation module should not be considered as solution, but a hack.

Solution 3

It also can depend on the version of Net::HTTPS, and on whether or not IO::Socket::SSL is installed. Net::HTTPS will prefer IO::Socket::SSL (which uses Net::SSLeay) over Net::SSL (which uses Crypt::SSL). More recent versions of Net::HTTPS have improved how it works with IO::Socket::SSL.

Solution 4

You can try to add Global ENV variable or set in via Apache config (if you're using Apache)

SetEnv PERL_LWP_SSL_VERIFY_HOSTNAME 0

or

$ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0;
Share:
17,321
user2601110
Author by

user2601110

Updated on August 08, 2022

Comments

  • user2601110
    user2601110 almost 2 years

    Am running into an issue connecting on a Ubuntu machine while my other machine works fine. The difference between both is the Ubuntu version and the SSLeay version but i can't narrow down what the issue is.

    I already did the following: a) add the environment variable: PERL_LWP_SSL_VERIFY_HOSTNAME with a value of 0 b) add the $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; to the VICommon.pm file

    Both the above ones didn't work. I can't figure out why it doesn't work on my second machine.

    Ubuntu 12.10 (Works)

    $perl /usr/lib/vmware-vcli/apps/general/connect.pl --url https:///sdk/webService --username --password

    Connection Successful

    Server Time : 2013-07-19T22:11:31.681181Z

    $ perl -v

    This is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi

    $ perl -MLWP -e 'print "LWP Version: $LWP::VERSION\n"'

    LWP Version: 6.04

    $ perl -MCrypt::SSLeay -e 'print "Crypt::SSLeay Version: $Crypt::SSLeay::VERSION\n"'

    Crypt::SSLeay Version: 0.58

    Ubuntu 13.04 (Doesn't work)

    $perl /usr/lib/vmware-vcli/apps/general/connect.pl --url https:///sdk/webService --username --password

    Server version unavailable at 'https:///sdk/vimService.wsdl' at /usr/share/perl/5.14/VMware/VICommon.pm line 548.

    $ perl -v

    This is perl 5, version 14, subversion 2 (v5.14.2) built for x86_64-linux-gnu-thread-multi

    $ perl -MLWP -e 'print "LWP Version: $LWP::VERSION\n"'

    LWP Version: 6.04

    $ perl -MCrypt::SSLeay -e 'print "Crypt::SSLeay Version: $Crypt::SSLeay::VERSION\n"'

    Crypt::SSLeay Version: 0.64

    Certificate error (same in both machines)

    lwp-request https:///sdk/webService Can't connect to :443 (certificate verify failed)

    LWP::Protocol::https::Socket: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/share/perl5/LWP/Protocol/http.pm line 51.

    UPDATE 1

    Looks like the issue has nothing to do with the Ubuntu version but the new packages i get when i do 'apt-get upgrade', on the 12.10 box i didn't do that and it was working. However on 13.04 i ended up doing all the updates. Now since i get more than 80 updates when i did i still haven't narrowed down to the library which is messing it up. When i installed a new 13.04 image it works fine.

    ** Update 2 **

    Looks like the base Ubuntu 12.10 or 13.04 work fine. If you get the latest updates then it stops working. So not sure yet which library is causing the problem.

  • user2601110
    user2601110 almost 11 years
    I am newbie to this, can you elaborate how i can check if the ones you mentioned are enabled.
  • runrig
    runrig over 10 years
    Make an https request. Eval it if neccessary so it doesn't die. Then print "$_: $INC{$_}\n" for sort keys %INC; to see what libraries got loaded.
  • Stef
    Stef about 3 years
    Worked well for me. Was moving scripts from RHEL (v5.16.3) to SLES (perl v5.26.1) and had the issue that self-signed certs would not be ignored. For some reason, CA signed worked anyway. However, this one solved the issue.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Perl module LWP::Protocol::https installation fails on Ubuntu
Using LWP with SSL and client certificates
Selecting SSL_VERIFY_NONE for SSL_verify_mode
How can I get LWP to validate SSL server certificates?
How to set SSL certificate for gmail SMTP
Perl LWP::Simple HTTPS error
How can I get the body of an HTTP response using LWP::UserAgent in Perl?
Perl: Cannot Access Web Service with SSL
Perl : Error during installion of a module of CPAN
How can I install local modules with the cpan tool?