RE: [Crypt::SSLeay] CA certificate trust verification with LWP HTTPS communication

RE: [Crypt::SSLeay] CA certificate trust verification with LWP HTTPS communication

am 09.06.2005 01:32:19 von IGunawan635

HI Chris,

Congratulations on the effort making LWP works with Crypt::SSLeay. Can
you share your code how you did it. I've working on this for a while
and still no luck.

Here is my code:

use LWP::UserAgent;
use HTTP::Request;
use HTTP::Response;
use Crypt::SSLeay;
LWP::Debug::level('+conns');
LWP::Debug::level('+trace');
LWP::Debug::level('+debug');

# HTTPS Proxy Support
$ENV{HTTPS_PROXY} =3D 'http://sa1isa4:80';
# PROXY_BASIC_AUTH
$ENV{HTTPS_PROXY_USERNAME} =3D 'username'; $ENV{HTTPS_PROXY_PASSWORD} =3D
'password'; # DEBUGGING SWITCH / LOW LEVEL SSL DIAGNOSTICS
$ENV{HTTPS_DEBUG} =3D 1; =20
# DEFAULT SSL VERSION
$ENV{HTTPS_VERSION} =3D '3';
#$ENV{HTTPS_CERT_FILE} =3D 'C:/Perl/certs/cert.pem'; #$ENV{HTTPS_KEY_FILE}
=3D 'C:/Perl/certs/cert.pem'; $ENV{HTTPS_CA_FILE} =3D
'val.banking.worldsavings.com.cer';
$ENV{HTTPS_CA_DIR} =3D 'C:/Perl/certs/';

my $browser =3D LWP::UserAgent->new();
#$browser->proxy('http', 'http://sa1isa4:80/');
$request =3D HTTP::Request->new (GET =3D>
'https://val.banking.worldsavings.com/wsb/WDSHeartBeat?heart beat=3DPWS');
$response =3D $browser->request($request);
=09
my $content;
if ( $response->is_error() ) {
printf "unable to connect to $WDSHeartBeat{$dbname}, response:
%s\n", $response->status_line;
exit;
}
$list =3D $response->content();

I am using ActivePerl 5.6, I install openssl-0.9.7c-bin.exe,
libwww-perl-5.64, libnet-1.19 and Cypt-SSLeay.

I can access the HTTPS through browser and it has a certificate. I
downloaded the certificate and saved it to C:\Perl\certs directory and
named it 'val.banking.worldsavings.com.cer'.

I am still getting this error:
LWP::UserAgent::new: ()
LWP::UserAgent::request: ()
LWP::UserAgent::send_request: GET
https://val.banking.worldsavings.com/wsb/WDSHeartBeat?heartb eat=3DPWS
LWP::UserAgent::_need_proxy: Not proxied
LWP::Protocol::http::request: ()
LWP::UserAgent::request: Simple response: Internal Server Error unable
to connect to
https://val.banking.worldsavings.com/wsb/WDSHeartBeat?heartb eat=3DPWS,
response: 500 proxy connect failed: PROXY ERROR HEADER, could be non-SSL
URL: HTTP/1.1 407 Proxy Authentication Required ( The ISA Server
requires authorization to fulfill the request. Access to the Web Proxy
service is denied. ) Via:1.1 SA1ISA4
Proxy-Authenticate: NTLM
Proxy-Authenticate: Kerberos
Proxy-Authenticate: Negotiate
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 2375

dir=3Dltr>The page cannot be displayed


2">

bgColor=3D#ffffff>









#000000">The page
cannot be displayed

style=3D"FONT: 8pt/11pt verdana; COLOR: #000000">There is a problem
with the
page you are trying to reach and it cannot be
displayed.
style=3D"FONT: 8pt/11pt verdana; COLOR: #000000">


Please try the following:



  • Click the Refresh button,
    or try again later.

  • Open the Web site
    home page, and then look for links to the information you want.
  • If you typed the page address in the Address bar, make sure
    that it
    is spelled correctly.

  • Verify that the Internet access policy on your network
    allows you
    to view this this page.

  • If you believe you should be able to view this directory or
    page,
    please contact the Web site administrator by using the e-mail
    address or
    phone number listed on the Web site
    home page.

HTTP 407 Proxy
Authentication Required - The ISA Server requires authorization to
fulfill the request. Access to the Web Proxy service is denied.
(12209)
Internet Security and Acceleration Server




Technical Information (for support personnel)



  • Background:
    The gateway could not retrieve the requested
    page.


  • ISA Server: SA1ISA4.worldsavings.com

    Via:

    Time: 6/7/2005 11:08:27 PM GMT

;

I wonder whether I should use proxy at all.
Your help is greatly appreciated.

Thanks.
-Indra




************************************************************ ***************=
**
If you are not the intended recipient of this e-mail, please notify=20
the sender immediately. The contents of this e-mail do not amend=20
any existing disclosures or agreements unless expressly stated.
************************************************************ ***************=
**