Frozen Fido : RU.PERL : Re: SSL LWP

ru.perl

 
 - RU.PERL ----------------------------------------------------------------------
 From : Sergey Gernichenko                   2:5079/46.90   13 Jul 2007  09:53:58
 To : All
 Subject : Re: SSL LWP
 --------------------------------------------------------------------------------

 
 В четверг, 12 июля 2007 года, в 02:36, я писал(а) всем:
 
  SG> Подскажите, что и где можно почитать по поводу SSL, сертификатов, их
  SG> проверки клиентом...
 
 Взял файлы
 ca-bundle.crt
 notacacert.pem
 notacakeynopass.pem
 из дистриба перл-модуля Crypt::SSLeay с cpan.
 
 сам модуль поставил с theoryx5 - PPM-репозитория (пока под виндой всё отлаживаю)
 
 настроил переменные окружения в скрипте:
   $ENV{HTTPS_DEBUG} = 1;
 
   # DEFAULT SSL VERSION
   $ENV{HTTPS_VERSION} = '3';
   # CLIENT CERT SUPPORT
   $ENV{HTTPS_CERT_FILE} = 'certs/notacacert.pem';
   $ENV{HTTPS_KEY_FILE}  = 'certs/notacakeynopass.pem';
   # CA CERT PEER VERIFICATION
   $ENV{HTTPS_CA_FILE}   = 'certs/ca-bundle.crt';
   $ENV{HTTPS_CA_DIR}    = 'certs/';
 
 выполняю запрос к https - серверу, в stderr сыпется:
 
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2/v3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:unknown CA
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:bad certificate
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2 write client hello A
 SSL_connect:error in SSLv2 read server hello B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2/v3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:unknown CA
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:bad certificate
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2 write client hello A
 SSL_connect:error in SSLv2 read server hello B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2/v3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:unknown CA
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:bad certificate
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2 write client hello A
 SSL_connect:error in SSLv2 read server hello B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2/v3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:unknown CA
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv3 write client hello A
 SSL_connect:SSLv3 read server hello A
 SSL3 alert write:fatal:bad certificate
 SSL_connect:error in SSLv3 read server certificate B
 SSL_connect:before/connect initialization
 SSL_connect:SSLv2 write client hello A
 SSL_connect:error in SSLv2 read server hello B
 500 SSL negotiation failed:error:1407E086:SSL
 routines:SSL2_SET_CERTIFICATE:certificate verify failed
 
 Что ему не нравится? подскажите, плиз... Hе те сертификаты? если так, то где
 можно взять те, что надо? например, как бы их экспортировать все из ИЕ или
 оперы...
 
 До скорых встреч, *All*                 С уважением, *Sergey*.
 --- Вот и всё, что я хотел сказать
  * Origin: Работать надо, пока ещё не лень (2:5079/46.90)

Вернуться к списку тем, сортированных по: возрастание даты уменьшение даты тема автор

Тема:	Автор:	Дата:
SSL LWP	Sergey Gernichenko	12 Jul 2007 02:36:42
Re: SSL LWP	Sergey Gernichenko	13 Jul 2007 09:53:58
Re: SSL LWP	Artem Chuprina	13 Jul 2007 15:33:19
Re: SSL LWP	Sergey Gernichenko	14 Jul 2007 22:33:06
Re: SSL LWP	Artem Chuprina	15 Jul 2007 01:20:18
Re: SSL LWP	Sergey Gernichenko	15 Jul 2007 22:44:02
Re: SSL LWP	Artem Chuprina	16 Jul 2007 17:54:54
Re: SSL LWP	Sergey Gernichenko	17 Jul 2007 12:14:48
Re: SSL LWP	Artem Chuprina	17 Jul 2007 18:02:20

Архивное /ru.perl/34034696fa04.html, оценка 3 из 5, голосов 10