Hi all, I'm posting XML to a web service, but I need to verify that the ssl certificate on the remote server is valid. This is my first time working with SSL (which is probably my real issue), and Crypt::SSLeay appears to be one way to do it. So I tried to setup an easy test: 
use strict;
use LWP::UserAgent;

$ENV{ HTTPS_CA_FILE } = 'cacerts.pem';

my $ua  = LWP::UserAgent->new;
my $req = HTTP::Request->new('GET', 'https://mail.google.com/');
my $res = $ua->request($req);

print $res->header( 'client-ssl-warning' );

[download]
If I run this without the HTTPS_CA_FILE line, it prints "Peer certificate not verified", which makes sense. If I run it with the HTTPS_CA_FILE line included and with cacerts.pem in the same directory with the contents pulled from http://curl.haxx.se/docs/sslcerts.html , it prints nothing. I thought this was what I wanted, until I tried pointing HTTPS_CA_FILE to a blank file or file that didn't exist, and that also printed nothing.

(Adding $ENV{ HTTPS_DEBUG } = 1 prints the same debug info each time).

Am I wrong in thinking that pointing to a .pem of valid certificate signatures and the absence of a "client-ssl-warning" means the certificate was valid? It seems that as long as $ENV{ HTTPS_CA_FILE } is set to something, it doesn't matter what it's pointing to, the warning goes away.

I appreciate any help with this, or any pointers on other modules I perhaps should be using instead. I haven't been able to find any simple examples anywhere that just work, and haven't been able to put one together from TFM's.

Thanks

In reply to Validating server SSL certificate by chrisj79

Title:
Use:  <p> text here (a paragraph) </p>
and:  <code> code here </code>
to format your post, it's "PerlMonks-approved HTML":


  • Posts are HTML formatted. Put <p> </p> tags around your paragraphs. Put <code> </code> tags around your code and data!
  • Titles consisting of a single word are discouraged, and in most cases are disallowed outright.
  • Read Where should I post X? if you're not absolutely sure you're posting in the right place.
  • Please read these before you post! —
  • Posts may use any of the Perl Monks Approved HTML tags:
    a, abbr, b, big, blockquote, br, caption, center, col, colgroup, dd, del, details, div, dl, dt, em, font, h1, h2, h3, h4, h5, h6, hr, i, ins, li, ol, p, pre, readmore, small, span, spoiler, strike, strong, sub, summary, sup, table, tbody, td, tfoot, th, thead, tr, tt, u, ul, wbr
  • You may need to use entities for some characters, as follows. (Exception: Within code tags, you can put the characters literally.)
            For:     Use:
    & &amp;
    < &lt;
    > &gt;
    [ &#91;
    ] &#93;
  • Link using PerlMonks shortcuts! What shortcuts can I use for linking?
  • See Writeup Formatting Tips and other pages linked from there for more info.