Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I been trying to update my perl cgi script to use SSL when responding to an Instant Payment Notification from PayPal. They provide a test url (tlstest.paypal.com) to test the basic connection to their servers.

Using LWP::UserAgent, I got the following message:

LWP::Protocol::https::Socket: SSL connect attempt failed with unknown error SSL wants a read first at /System/Library/Perl/Extras/5.18/LWP/Protocol/http.pm line 51.

I can easily connect to the host using curl and php, so it isn't a general machine configuration, but it is something specific to perl. Here is the code:

#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;

my $ua = LWP::UserAgent->new();
$ua->ssl_opts(verify_hostname => 1);
$ua->ssl_opts(SSL_ca_file => './MozillaCAFile.crt');
my $host = 'https://tlstest.paypal.com';
my $req = HTTP::Request->new(GET => "$host");
my $res = $ua->get($host);
if (not $res->is_success) {
  print $res->as_string . "\n";
} else {
  print "Success\n";
  print $res->decoded_content;
}

[download]

Replies are listed 'Best First'.
Re: Problem with SSL connection to PayPal
by hippo (Archbishop) on Jun 26, 2016 at 18:00 UTC

    Your code works perfectly for me if I comment out this line:

    $ua->ssl_opts(SSL_ca_file => './MozillaCAFile.crt');

    Can you explain why that line is in there? Are you using Mozilla::CA? Which version? (I'm on 20141217)

[reply]
[d/l]

      Yes, I provided the latest Mozilla Certificate Authority file. My Mac laptop does not have the Mozilla::CA package loaded, so I just provided the file (version 20160420) in the directory I was running the perl program in. If I don't provide the file, the connection fails by not being able to verify the server. The server that I need to get this working on does have Mozilla::CA (version 20120309), so I won't use that line either. My perl version is 5.18.2.

      I believe I am successfully verifying the server certificate.

      Can you dump out all the SSL options on your successful connection?

[reply]

        The only option is the one you've set.

        $ cat 1166599.pl 
#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;

my $ua = LWP::UserAgent->new();
$ua->ssl_opts(verify_hostname => 1);
my $host = 'https://tlstest.paypal.com';
my $req = HTTP::Request->new(GET => "$host");
my $res = $ua->get($host);
if (not $res->is_success) {
  print $res->as_string . "\n";
} else {
  print "Success\n";
  print $res->decoded_content . "\n";
  foreach ($ua->ssl_opts) { print "$_ => " . $ua->ssl_opts($_) . "\n";
+ }
}
palma pete 2309 $ ./1166599.pl 
Success
PayPal_Connection_OK
verify_hostname => 1
$ perl -v

This is perl 5, version 20, subversion 3 (v5.20.3) built for x86_64-li
+nux-thread-multi
(with 16 registered patches, see perl -V for more detail)

Copyright 1987-2015, Larry Wall

Perl may be copied only under the terms of either the Artistic License
+ or the
GNU General Public License, which may be found in the Perl 5 source ki
+t.

Complete documentation for Perl, including FAQ lists, should be found 
+on
this system using "man perl" or "perldoc perl".  If you have access to
+ the
Internet, point your browser at http://www.perl.org/, the Perl Home Pa
+ge.

        [download]
[reply]
[d/l]

Back to Seekers of Perl Wisdom