in reply to Re^2: Problem with SSL connection to PayPal
in thread Problem with SSL connection to PayPal

The only option is the one you've set.

$ cat 1166599.pl 
#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;

my $ua = LWP::UserAgent->new();
$ua->ssl_opts(verify_hostname => 1);
my $host = 'https://tlstest.paypal.com';
my $req = HTTP::Request->new(GET => "$host");
my $res = $ua->get($host);
if (not $res->is_success) {
  print $res->as_string . "\n";
} else {
  print "Success\n";
  print $res->decoded_content . "\n";
  foreach ($ua->ssl_opts) { print "$_ => " . $ua->ssl_opts($_) . "\n";
+ }
}
palma pete 2309 $ ./1166599.pl 
Success
PayPal_Connection_OK
verify_hostname => 1
$ perl -v

This is perl 5, version 20, subversion 3 (v5.20.3) built for x86_64-li
+nux-thread-multi
(with 16 registered patches, see perl -V for more detail)

Copyright 1987-2015, Larry Wall

Perl may be copied only under the terms of either the Artistic License
+ or the
GNU General Public License, which may be found in the Perl 5 source ki
+t.

Complete documentation for Perl, including FAQ lists, should be found 
+on
this system using "man perl" or "perldoc perl".  If you have access to
+ the
Internet, point your browser at http://www.perl.org/, the Perl Home Pa
+ge.

[download]

Replies are listed 'Best First'.
Re^4: Problem with SSL connection to PayPal
by Anonymous Monk on Jun 27, 2016 at 01:01 UTC

    The options look the same. This must be a version issue. Below are my versions of perl and involved modules. The IO modules look out of date.

    Perl             5.18.2
LWP::UserAgent   6.05
LWP::Protocol    6.00
IO::Socket       1.36
IO::Socket::SSL  1.966

    [download]

    How do these compare with your working set?

[reply]
[d/l]

      These are what I'm using. That last entry is potentially significant.

      Perl5.20.3
      LWP::UserAgent6.15
      LWP::Protocol6.15
      IO::Socket1.38
      IO::Socket::SSL2.012
      Mozilla::CA20141217

      If I were you these are the steps I would take:

      • Install version 20141217 of Mozilla::CA and test with that.
      • Enable debugging (via IO::Socket::SSL) and see the detail behind the connection failure.
[reply]
      These are about 2 year old versions of the libraries thus it might be that the problems got fixed in the mean time. Another issue might be the version of OpenSSL Perl is linked with. Paypal requires TLS 1.2 which is only available with OpenSSL 1.0.1. You can check the number with 
      perl -MNet::SSLeay -e 'printf "0x%x\n",Net::SSLeay::OPENSSL_VERSION_NUMBER()'
      If the result is lower than 0x100010000 your OpenSSL version is too old.
[reply]

        Thanks to both hippo and noxxi for the advice on versions to support TSL1.2. The problem was the openssl version. My server had 0.9.8. I requested a move to a server with 1.0.1 and everything worked the first try. This problem is solved thanks to your help.

[reply]

In Section Seekers of Perl Wisdom