enable unsafe legacy renegotiation

danilo90 has asked for the wisdom of the Perl Monks concerning the following question:

I am developing a little script to get web server information but with some server I got this error "SSL negotiation failed: error:0A000152:SSL routines::unsafe legacy renegotiation disabled"

Here is part of my code

 
my $browser = LWP::UserAgent->new( max_redirect => 1, env_proxy => 1,
keep_alive => 1, timeout => 15, agent => "Mozilla/4.76 [en] (Win98; U)
+",
ssl_opts => { verify_hostname => 0 ,  SSL_verify_mode => 0});
[download]

I tried adding an SSL exception with the file sslv1.conf and environment variables:

 [system_default_sect]
Options = UnsafeLegacyRenegotiation
[download]

- Running the script

OPENSSL_CONF=sslv1.conf; perl webData.pl

Comment on enable unsafe legacy renegotiation Select or Download Code

Replies are listed 'Best First'.
Re: enable unsafe legacy renegotiation by cavac (Parson) on Mar 23, 2023 at 07:19 UTC
This may be a stupid question, but have you tried just switching to http in those cases? Most https servers also provide http (even if just to redirect to https). From your question, it seems you only want to know the "Server" header, which should be the same on the unencrypted connection. PerlMonks XP is useless? Not anymore: XPD - Do more with your PerlMonks XP	[reply]
Re^2: enable unsafe legacy renegotiation by danilo90 (Initiate) on Mar 23, 2023 at 14:20 UTC
Actually not a bad solution. Thanks	[reply]
Re: enable unsafe legacy renegotiation by Anonymous Monk on Mar 24, 2023 at 09:09 UTC
Try this: `use Net::SSLGlue::LWP; use IO::Socket::SSL; my $context = new IO::Socket::SSL::SSL_Context( SSL_version => 'tlsv1', # see https://metacpan.org/pod/IO::Socket::S +SL for other values SSL_verify_mode => Net::SSLeay::VERIFY_NONE(), ); IO::Socket::SSL::set_default_context($context); use LWP::UserAgent; ...` [download]	[reply] [d/l]