in reply to LWP SSL Question

From your code you connect to localhost 8443. I doubt, that you have a valid certificate there, e.g. one which can be verified against a trusted CA provided by the Mozilla::CA CA store. Thus it will fail to connect because the certificate can not be validated. You can check this by adding SSL debugging with:

   perl -MIO::Socket::SSL=debug10 yourcode.pl

Setting verify_hostname to 0 will not help, because this concerns only the validation of the hostname inside the certificate and not the validation of the certificate against the list of trusted CAs (at least it should, in some versions of LWP it actually disables all verification which is wrong). If you really need to disable verification you should set SSL_verify_mode accordingly (see documentation of IO::Socket::SSL), but in this case you should ask yourself why you use SSL at all.

Replies are listed 'Best First'.
Re^2: LWP SSL Question
by packetstormer (Monk) on Jun 07, 2014 at 18:10 UTC

    So, the 'debug10' trick helped a lot and from the output I was able to narrow down the problem to the cipher being used. Adding SSL_cipher_list => "RC4-SHA" to my ssl_opts resolved the problem and got me talking to the SSL server

    Thanks for the replies, they certainly helped!

[reply]
[d/l]
      This is strange, because RC4-SHA is in the default cipher set used by IO::Socket::SSL on the client side (but only as the last choice). This must be a very strange SSL server you have there, could you share some details about it? (I'm the maintainer of IO::Socket::SSL and always on the search for unusual SSL issues.)
[reply]

        Sure. The server I was connecting to was the Unifi AP controller - Unifi AP - from Ubiquiti Networks. This link if for 2.4.6 but I was using the beta 3.12 (and 3.10) versions. I am not sure if that is what you are after but let me know if I can get you any other information.

[reply]

In Section Seekers of Perl Wisdom