REST::Client: how to ignore SSL certificates
Solution 1
I got it working by adding below line:
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME}=0;
Reference: https://splash.riverbed.com/docs/DOC-1602
Solution 2
I found that option did not completely address the issue in LWP 6.x. For me this worked:
# setup rest client
my $client = REST::Client->new();
# don't verify SSL certs
$client->getUseragent()->ssl_opts(verify_hostname => 0);
$client->getUseragent()->ssl_opts(SSL_verify_mode => SSL_VERIFY_NONE);
Related videos on Youtube
slayedbylucifer
A hopelessly devoted father and a husband who does Linux plumbing for survival. The only other interest he has is listening to heavy/thrash metal and strumming his acoustic guitar.
Updated on May 26, 2022Comments
-
slayedbylucifer almost 2 years
I am working with
REST::Client
and my code fails with SSL error.Here is the code:
#!usr/bin/perl -w use strict; use REST::Client; my $client = REST::Client->new(); $client->GET("https://something/api/sessions"); print $client->responseContent();
and here is the output:
WP::Protocol::https::Socket: SSL connect attempt failed with unknown error error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/local/share/perl/5.10.1/LWP/Protocol/http.pm line 51.
I know the problem.
REST::Client
is not able to ignore the SSL certificate.I get the exact same error with
curl
when I do not use "-k" option:here is curl command:
curl -i -H "Accept:application/*+xml;version=1.5" -u "username@system:password" -X post https://something/api/sessions
and here is curl output(Error):
curl: (60) SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
However, if I add "-k" to the curl command, then it works just fine.
From curl's man page, here is the explanation of "-k":
(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers.
Question:
So, How do I make
REST::Client
ignore the SSL certificate? OR is there any other elegant way to work with? I gone through theREST::Client
documentation on CPAN but it does not talk anything about this.Thanks.
-
ThanksForYourHelp almost 8 yearsFor what it's worth it is far better to deploy a proper CA signed cert to the service (if possible) or, only if the cert is unique, specifically trust the individual cert.
-
-
Karlik_B almost 6 yearsWorks great. Only SSL_VERIFY_NONE needs to be encapsulated in single quotes to prevent strict compile failure.
-
chicks almost 5 yearsUsuallly keys on the left side of
=>
are implicitly quoted in Perl. I haven't had this trip upstrict
ness which I usually have on. That's why the code sample includes themy
.