I'm probably missing something incredibly obvious, but I simply can't get LWP to stop trying to verify certificates -- and I've read everything I could find on the topic. Here's my code:
#!/usr/bin/perl use strict; use LWP::UserAgent; use IO::Socket::SSL; use Data::Dumper; $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; my $bot = LWP::UserAgent->new( env_proxy => 1, keep_alive => 1, timeout => 300, ssl_opts => { verify_hostname => 0, SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_NONE }, ); my @headers = ( 'User-Agent' => 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19. +0) Gecko/20100101 Firefox/19.0', 'Accept-Language' => 'ie-ee,en;q=0.7,ru;q=0.3', 'Accept-Encoding' => 'gzip, deflate', 'Accept' => "text/html,application/xhtml+xml,applicatio +n/xml;q=0.9,*/*;q=0.8", 'Cache-Control' => 'max-age=0' ); my $uri='https://www.something.com'; my $response = $bot->get($uri,@headers); print Dumper($response);
This yields the following response:
$VAR1 = bless( { '_content' => 'Can\'t connect to www.something.com:44 +3 (certificate verify failed) LWP::Protocol::https::Socket: SSL connect attempt failed error:1409008 +6:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed +at /usr/local/share/perl5/LWP/Protocol/http.pm line 47. ', '_rc' => 500, '_headers' => bless( { 'client-warning' => 'Internal +response', 'client-date' => 'Sat, 30 May +2015 07:38:43 GMT', 'content-type' => 'text/plain' +, '::std_case' => { 'client-warn +ing' => 'Client-Warning', 'client-date +' => 'Client-Date' } }, 'HTTP::Headers' ), '_msg' => 'Can\'t connect to www.something.com:443 (c +ertificate verify failed)', '_request' => bless( { '_content' => '', '_uri' => bless( do{\(my $o = +'https://www.something.com')}, 'URI::https' ), '_headers' => bless( { 'user-a +gent' => 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:19.0) Gecko/20100101 + Firefox/19.0', 'cache- +control' => 'max-age=0', 'accept +' => 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 +', 'accept +-language' => 'ie-ee,en;q=0.7,ru;q=0.3', 'accept +-encoding' => 'gzip, deflate' }, 'HTTP: +:Headers' ), '_method' => 'GET' }, 'HTTP::Request' ) }, 'HTTP::Response' );
I had thought that the ssl_opts I set would prevent the UA from even trying to verify the certificates. Then I threw in $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0; for good measure.
What am I doing wrong?
In reply to Disable SSL certificate verification with LWP by tunafish
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |