Hi Monks, Below is Perl code that uses Net::LDAPS for the LDAPS SSL connection which seems to be working for Perl 5.34 version and not with 5.24 and 5.26 Perl versions. 

use warnings;
use strict;
use Net::LDAPS;
use IO::Socket::SSL qw(debug3);
use Data::Dumper;

my ($hostname, $port, $localaddr, $clientcert, $clientkey, $verify, $c
+afile);

$hostname = $ARGV[0];
$port = $ARGV[1];
$localaddr = $ARGV[2];
$clientcert = $ARGV[3];
$clientkey = $ARGV[4];
$verify = $ARGV[5],
$cafile = $ARGV[6];

&get_ldaps_connection_object;
                                                
##print "\nLDAPS ::: $ldaps\n";

##print Dumper($ldaps);

sub get_ldaps_connection_object
{
    my $ldaps = Net::LDAPS->new("$hostname",
                             port => "636",
                             timeout => 120,
                             scheme => 'ldaps',                       
+      
                 localaddr => '',
                 clientcert => '',
                             clientkey => '',
                 verify => "require",
                 cafile => "$cafile") or die "$@";
                                                
    return $ldaps;
    
}

[download]
Below is the output of the above Perl program from Perl version 5.26 (same for 5.24) and 5.34.

## perl ldaps_connection.pl with Perl version 5.26. 

DEBUG: .../IO/Socket/SSL.pm:2807: new ctx 60600432
DEBUG: .../IO/Socket/SSL.pm:659: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:661: socket connected
DEBUG: .../IO/Socket/SSL.pm:684: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:717: using SNI with hostname server name
DEBUG: .../IO/Socket/SSL.pm:752: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:773: set socket to non-blocking to enforce
+ timeout=120
DEBUG: .../IO/Socket/SSL.pm:786: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:789: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:799: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:809: waiting for fd to become ready: SSL w
+ants a read first
DEBUG: .../IO/Socket/SSL.pm:829: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:786: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:2661: ok=0 [0] SERVER NAME
DEBUG: .../IO/Socket/SSL.pm:789: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:792: SSL connect attempt failed

DEBUG: .../IO/Socket/SSL.pm:792: local error: SSL connect attempt fail
+ed error:1416F086:SSL routines:tls_process_server_certificate:certifi
+cate verify failed
DEBUG: .../IO/Socket/SSL.pm:795: fatal SSL error: SSL connect attempt 
+failed error:1416F086:SSL routines:tls_process_server_certificate:cer
+tificate verify failed
DEBUG: .../lib/IO/Socket.pm:49: ignoring less severe local error 'IO::
+Socket::IP configuration failed', keep 'SSL connect attempt failed er
+ror:1416F086:SSL routines:tls_process_server_certificate:certificate 
+verify failed'
DEBUG: .../IO/Socket/SSL.pm:2829: free ctx 60600432 open=60600432
DEBUG: .../IO/Socket/SSL.pm:2833: free ctx 60600432 callback
DEBUG: .../IO/Socket/SSL.pm:2840: OK free ctx 60600432
Bad file descriptor at ldaps_connection.pl line 8, <DATA> line 960.

[download]
## Perl ldaps_connection.pl with Perl version 5.34 
DEBUG: .../IO/Socket/SSL.pm:763: socket not yet connected
DEBUG: .../IO/Socket/SSL.pm:1178: global error: Undefined SSL object
DEBUG: .../IO/Socket/SSL.pm:1178: global error: Undefined SSL object
DEBUG: .../IO/Socket/SSL.pm:765: socket connected
DEBUG: .../IO/Socket/SSL.pm:788: ssl handshake not started
DEBUG: .../IO/Socket/SSL.pm:830: using SNI with hostname SERVER NAME
DEBUG: .../IO/Socket/SSL.pm:865: request OCSP stapling
DEBUG: .../IO/Socket/SSL.pm:881: set socket to non-blocking to enforce
+ timeout=120
DEBUG: .../IO/Socket/SSL.pm:895: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:898: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:908: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:918: waiting for fd to become ready: SSL w
+ants a read first
DEBUG: .../IO/Socket/SSL.pm:938: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:895: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:2866: ok=1 [0] SERVER NAME
DEBUG: .../IO/Socket/SSL.pm:1841: scheme=ldap cert=51849968
DEBUG: .../IO/Socket/SSL.pm:1851: identity=SERVER NAME
DEBUG: .../IO/Socket/SSL.pm:2913: did not get stapled OCSP response
DEBUG: .../IO/Socket/SSL.pm:898: done Net::SSLeay::connect -> -1
DEBUG: .../IO/Socket/SSL.pm:908: ssl handshake in progress
DEBUG: .../IO/Socket/SSL.pm:918: waiting for fd to become ready: SSL w
+ants a read first
DEBUG: .../IO/Socket/SSL.pm:938: socket ready, retrying connect
DEBUG: .../IO/Socket/SSL.pm:895: call Net::SSLeay::connect
DEBUG: .../IO/Socket/SSL.pm:898: done Net::SSLeay::connect -> 1
DEBUG: .../IO/Socket/SSL.pm:953: ssl handshake done
LDAP ::: Net::LDAPS=HASH(0x6c4740)


LDAPS ::: Net::LDAPS=HASH(0x34119a8)
DEBUG: .../IO/Socket/SSL.pm:3066: free ctx 45839744 open=45839744
DEBUG: .../IO/Socket/SSL.pm:3070: free ctx 45839744 callback
DEBUG: .../IO/Socket/SSL.pm:3077: OK free ctx 45839744

[download]
My question is how to find which modules or what has been changed in Perl version 5.34 works for LDAPS SSL connection.
can I make it work for Perl version 5.24 itself and what needs to be done for the same?
Can help regarding this would be appreciated.

Thank you.

In reply to Perl Net::LDAPS issue with Perl version 5.24 and 5.26, works with Perl version 5.34. by Anonymous Monk

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.