bigup401 has asked for the wisdom of the Perl Monks concerning the following question:

i have read the http::Tiny module documentation but i dont see clear information how to set off ssl verify like in lwp

ssl_opts => { verify_hostname => 0

i need same thing like in lwp

Replies are listed 'Best First'.
Re: HTTP::Tiny ssl opt
by 1nickt (Canon) on Mar 28, 2017 at 14:09 UTC

    Hi bigup401,

    Read a little closer and you'll see that the syntax is: 

    my $ua = HTTP::Tiny->new(
    verify_SSL => 0,
);

    [download]
    ... and that the attribute is set to off by default so you don't need to specify anything if you don't want to perform the check:

    • "verify_SSL — A boolean that indicates whether to validate the SSL certificate of an https — connection (default is false)"

    Hope this helps!


    The way forward always starts with a minimal test.
[reply]
[d/l]

      well am getting this error when running the code. the procedure entry point ssl_get0_next_proto_negotiated could not be located in dynamic link library SSLEAY32

      but when running LWP module i can easily use ssl_opts => { verify_hostname => 0 to ignore ssl verify . now in http::tiny seems not work. when u use https. the docmenations tells validate the SSL certificate of an https — connection (default is false) but still the problem still occur

[reply]

        Hi again,

        ( Please put your error message inside <code></code> tags, like with code, as it helps to read it and separate it from your message. )

        Did you read all the documentation for HTTP::Tiny including the section SSL Support ?

        • "Direct https connections are supported only if IO::Socket::SSL 1.56 or greater and Net::SSLeay 1.49 or greater are installed. An exception will be thrown if new enough versions of these modules are not installed or if the SSL encryption fails. You can also use HTTP::Tiny::can_ssl() utility function that returns boolean to see if the required modules are installed."

        Have you verified that you have the necessary versions of those dependencies?

        Have you used the provided method HTTP::Tiny->can_ssl() to see whether you have the needed dependencies?

        Please let us know.


        The way forward always starts with a minimal test.
[reply]
[d/l]
[select]
Re: HTTP::Tiny ssl opt
by haukex (Archbishop) on Mar 29, 2017 at 07:08 UTC

    The HTTP::Tiny doc says:

    verify_SSL - A boolean that indicates whether to validate the SSL certificate of an https-connection (default is false)

    ... By default, HTTP::Tiny does not verify server identity.

    It works as expected for me, see below (note the PerlMonks SSL certificate is valid for perlmonks.pair.com, but not perlmonks.com). Could you provide an SSCCE for the problem?

    $ perl -MHTTP::Tiny -le 'print HTTP::Tiny->new()->get("https://perlmon
+ks.com/")->{status};'
200
$ perl -MHTTP::Tiny -le 'print HTTP::Tiny->new()->get("https://perlmon
+ks.pair.com/")->{status};'
200
$ perl -MHTTP::Tiny -le 'print HTTP::Tiny->new(verify_SSL=>1)->get("ht
+tps://perlmonks.com/")->{status};'
599
$ perl -MHTTP::Tiny -le 'print HTTP::Tiny->new(verify_SSL=>1)->get("ht
+tps://perlmonks.pair.com/")->{status};'
200
$ perl -MHTTP::Tiny -le 'print HTTP::Tiny->new(verify_SSL=>0)->get("ht
+tps://perlmonks.com/")->{status};'
200

    [download]
[reply]
[d/l]
[select]
Re: HTTP::Tiny ssl opt
by stevieb (Canon) on Mar 28, 2017 at 14:08 UTC

    update d'oh! I completely got the question backwards. The below can be ignored./update

    According to the docs, it's reasonably similar (untested):

    use warnings;
use strict;

use LWP::UserAgent;

my $ua = LWP::UserAgent;

$ua->ssl_opts(verify_hostname => 0);

    [download]

    The same section of the documentation linked to above, also states:

    "This option is initialized from the PERL_LWP_SSL_VERIFY_HOSTNAME environment variable. If this environment variable isn't set; then verify_hostname defaults to 1."
[reply]
[d/l]

Back to Seekers of Perl Wisdom