Re: ssl details cgi script

Net::SSL::ExpireDate constructs the SSL handshake by hand and explicitly does a TLS 1.2 only request with only a handful of ciphers. It might be that the site you are trying to reach does not work with TLS 1.2 or does not support the ciphers offered by Net::SSL::ExpireDate. I would recommend that you instead use a library which is commonly used to establish SSL connections and which should work with almost every site. With IO::Socket::SSL you can get the expiration date like this:

use strict;
use warnings;
use IO::Socket::SSL;
use IO::Socket::SSL::Utils;

# ignore certificate errors since we only want to get the expiration
# time and not transfer any sensitive data
my $cl = IO::Socket::SSL->new(
    PeerAddr => 'www.google.com:443', 
    SSL_verify => 0
) or die "connect failed: $!, $SSL_ERROR";
my $cert = $cl->peer_certificate or die "no peer certificate";
print "expire=".localtime(CERT_asHash($cert)->{not_after})."\n";
[download]

Comment on Re: ssl details cgi script Download Code

Replies are listed 'Best First'.
Re^2: ssl details cgi script by alokranjan (Acolyte) on Jul 26, 2015 at 10:04 UTC
`use Net::SSL::ExpireDate; my $site = "www.google.com"; $ed = Net::SSL::ExpireDate->new( https => $site ); if (defined $ed->expire_date) { $expire_date = $ed->expire_date; print $expire_date; $expired = $ed->is_expired; }` [download] Above code is also working fine but not with the cgi. Anyways many thanks for suggesting new solution. Thanks	[reply] [d/l]
Re^2: ssl details cgi script by alokranjan (Acolyte) on Jul 26, 2015 at 10:10 UTC
Many thanks, your suggested solution worked like a charm. But I am wondering why my code didn't show expiry date.	[reply]