SSL_verify_mode => SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
####
#!/usr/bin/perl
use strict;
use IO::Socket::SSL qw(debug0);
use Sys::Hostname;
use Socket;
my $ip_address = inet_ntoa((gethostbyname(hostname))[4]);
my ( $output, $client );
$output = "ok";
my $server = IO::Socket::SSL->new(
LocalAddr => $ip_address,
LocalPort => q[6666],
Listen => q[10],
SSL_verify_mode => SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
SSL_cert_file => q[/etc/httpd/certs/crt.pem],
SSL_key_file => q[/etc/httpd/certs/key.pem],
SSL_ca_file => q[/etc/httpd/certs/ca-chain.crt.pem],
) or die;
while(1) {
# accept client
my $status = $client = $server->accept;
if ($status) {
print $client $output;
shutdown($client,1);
}
}
####
#!/usr/bin/perl
use strict;
use IO::Socket::SSL qw(debug0);
my $client = IO::Socket::SSL->new(
# where to connect
PeerHost => q[192.168.0.1],
PeerPort => q[6666],
SSL_verify_mode => SSL_VERIFY_PEER,
SSL_cert_file => q[./client.crt.pem],
) or die "failed connect or ssl handshake: $!,$SSL_ERROR";
# receive string over SSL connection
my $string = <$client>;
print "Output = $string\n";
####
wget -q --no-check-cert https://192.168.0.1:6666 -O -