Re: Crypt::SSLeay & client certificates: msg#00038

Is this the right list for this question?

Sean Evans wrote on 4/5/2004, 9:22 AM:

 > Good day to everyone,
 >
 > I need to scrape some data from an HTTPS site that requires client
 > certificates for authentication. I am able to access the site with a
 > certificate loaded in Netscape 7.1, so I exported the certificate (there
 > are two actually, one for encrypting and one for signing, not sure if
 > this matters) to PKCS12 and tried the following:
 >
 > __BEGIN__
 > use strict;
 > use LWP::UserAgent;
 > # DEBUGGING SWITCH / LOW LEVEL SSL DIAGNOSTICS
 > $ENV{HTTPS_DEBUG} = 1;
 > # DEFAULT SSL VERSION
 > $ENV{HTTPS_VERSION} = '3';
 >
 > # CLIENT PKCS12 CERT SUPPORT
 > $ENV{HTTPS_PKCS12_FILE}     = 'test.p12';
 > $ENV{HTTPS_PKCS12_PASSWORD} = 'password';
 >
 > my $ua = new LWP::UserAgent;
 > my $req = new HTTP::Request('GET', 'https://example.com');
 > my $res = $ua->request($req);
 > print $res->status_line."\n";
 > __END__
 >
 > Here's the debug output I get:
 >
 > __BEGIN__
 > SSL_connect:before/connect initialization
 > SSL_connect:SSLv3 write client hello A
 > SSL_connect:SSLv3 read server hello A
 > SSL_connect:SSLv3 read server certificate A
 > SSL_connect:SSLv3 read server done A
 > SSL_connect:SSLv3 write client key exchange A
 > SSL_connect:SSLv3 write change cipher spec A
 > SSL_connect:SSLv3 write finished A
 > SSL_connect:SSLv3 flush data
 > SSL_connect:SSLv3 read finished A
 > SSL_connect:SSL renegotiate ciphers
 > SSL_connect:SSLv3 write client hello A
 > SSL_connect:SSLv3 read server hello A
 > SSL_connect:SSLv3 read server certificate A
 > SSL_connect:SSLv3 read server certificate request A
 > SSL_connect:SSLv3 read server done A
 > SSL_connect:SSLv3 write client certificate A
 > SSL_connect:SSLv3 write client key exchange A
 > SSL_connect:SSLv3 write certificate verify A
 > SSL_connect:SSLv3 write change cipher spec A
 > SSL_connect:SSLv3 write finished A
 > SSL_connect:SSLv3 flush data
 > SSL3 alert read:fatal:certificate unknown
 > SSL_connect:failed in SSLv3 read finished A
 > 500 read failed: error:14094416:SSL routines:SSL3_READ_BYTES:sslv3 alert
 > certificate unknown | error:140940E5:SSL routines:SSL3_READ_BYTES:ssl
 > handshake failure
 > __END__
 >
 >
 > I'm running on ActiveState 5.8 using Crypt::SSLeay from theoryx5. Could
 > anyone tell me what I'm doing wrong?
 >
 > --
 > Sean Evans
 >

-- 
Sean Evans
Technical Support
703-265-0397
http://enterprise.aim.com
http://enterprise.netscape.com

Previous by Date:	Re: [PATCH] redirection in LWP::Simple, Gisle Aas
Next by Date:	Re: Bug submitting large HTTP requests, Gisle Aas
Previous by Thread:	Crypt::SSLeay & client certificates, Sean Evans
Next by Thread:	Re: Crypt::SSLeay & client certificates, Josh Chamas
Indexes:	[Date] [Thread] [Top] [All Lists]