Re: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize

Alternatively, you could place the CA certificate of the party that issued the certificate for your target web site in the HTTPS_CA_DIR. Most commercial CA's link to it on their web site or you may already have it.

As to the setting for HTTPS_CA_DIR: you could create any convenient directory in your code base to hold the certificate and point to that. You may as well keep it close to your code.

Windows places its certificates in special certificate stores (which explains your result in Internet Explorer) that AFAIK are not that easily accessible to non-MS applications.

Comment on Re: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize Select or Download Code

Replies are listed 'Best First'.
Re^2: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize by sam_bakki (Pilgrim) on Jul 18, 2011 at 09:02 UTC
Hi rkrieger I have exported the certificate (in my case it is COMODOHigh-AssuranceSecureServerCA ) from internet explorer to a directory as a .cer file. After that I set `$ENV{HTTPS_CA_DIR} = 'C:\temp\cert'; $ENV{HTTPS_DEBUG} = 1; $ENV{HTTP_DEBUG} = 1;` [download] but still it is not working , I get the same Error GETing https://www.collabnet.nxp.com/sf/sfmain/do/home: Can't connect to www.collabnet.nxp.com:443 (certificate verify failed) error Thanks	[reply] [d/l]
Re^3: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize by rkrieger (Friar) on Jul 18, 2011 at 09:58 UTC
First off: check whart sort of format you exported from your browser. You'll want PEM (plain base64 text with a `-----BEGIN CERTIFICATE-----` line at start). Try opening your file in a text editor and check if that's what you have. Export in different formats or convert your current file to PEM format (see the OpenSSL manual for that or the openssl) man page on a Unix system. In short: when using `HTTPS_CA_DIR` you need a directory with PEM certificates in files named according to the hash of their (certificate) subject name. Perhaps `HTTPS_CA_FILE` is more useful for you (if you only have a single CA certificate to handle). Why? The CA file directory should hold files in so-called PEM format and follow the instructions as listed in Crypt::SSLeay under Client Certificate Support. In fact, that points to the OpenSSL docs again with more instructions.	[reply] [d/l] [select]
Re^4: "certificate verify failed" error while trying to connect to https:// site using use WWW::Mechanize by sam_bakki (Pilgrim) on Jul 19, 2011 at 08:46 UTC
Hi rkrieger I ran the same script , which uses WWW::Mechanize to download https:// content. Which works like a charm :) any way thanks again for your advise and information about certificates. Another good reason to hate MS Windows :) Thanks Bakkiaraj M	[reply]