I’m currently working on Perl script that uses LWP and Crypt::SSLeay libraries to receive data from security enabled website. This website uses client certificate authentication methods which implements PKCS12 certificate file and corresponding PASSWORD. My script is as follows:
use LWP::UserAgent;
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
$ENV{HTTPS_PKCS12_FILE} = 'FILENAME.pfx';
$ENV{HTTPS_PKCS12_PASSWORD} = 'PASSWORD';
my $ua = LWP::UserAgent->new;
my $response = $ua->get('https://example.com/logon.asp');
print $response->content, "
";
When I run this script under Windows and Debian - it works correctly, but under OpenSuse 12.1 it behaves like if “FILENAME.pfx” cerificate file is not supplied. The same results are true for both system default Perl installation and for ActivePerl. So i guess the problem is related not with the Perl distribution itself, but rather with some core system’s functionality.
> it behaves like if “FILENAME.pfx” certificate file is not supplied.
I see that you provided that in the script, but is the file there? Have
you tried using an absolute path to ensure it is not looking in a
directory other than what you expect? How, exactly, does it lead you to
believe that the “file is not supplied” (what is the error message
exactly?)?
Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
Sadly i can not supply you with certificate file, because it’s a confidential info
That file resides in the same directory as script itself. Advised by you, i tried to supply full directory path to that file, but results were the same.
Any way, when i copy the entire script’s directory to Debian machine and run the same script, everything works perfectly.
Theres no nor can’t be error message about missing file. When i run the script on Debian, it prints login page. On Suse - it prints me a page with a message about missing certificate. Even when i supply to the script wrong file name, or leave script without this parameter at all - nothing changes, results are the same.
I did some additional testing, and discovered some odd thing.
Now the funny thing is, that on both Debian and Windows, when i supply wrong filename for the certificate, script prints an error message about missing file:
500 configure certs failed: aFILE.pfx file does not exist: No such file or directory
There’s no such thing on SuSe. Regardless of filename supplied, script behaves identically - it prints me a webpage with message about missing certificate :\
That you do not get a different error message when you put in blatantly
incorrect file names still tells me that it is not finding your file in
the first place, or I suppose the Perl module could simply never tell
you about a bad file, but then your Debian install does which likely
uses the same code. Are you using ‘perl -w’ to start things, or even
setting ‘use strict;’ somewhere to see if you can find odd quirks caused
by those types of problems?
How did you build the .pfx file exactly? What are the various perl*
package versions on OpenSUSE and Debian?
Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
A bit of an update… on my 11.3 system using perl-Crypt-SSLeay 0.57 I
get nice message about what his wrong when I omit the file completely:
500 configure certs failed: FILENAME.pfx file does not exist: No such
file or directory
If I try the same thing on my 12.1 system I get, as you did, messages
from the web server instead. My 12.1 box, though is using 0.58
(current) of this Perl module, so my guess is that something changed
there. I have not yet tried copying over the Perl module from one
system to another, but that seems like the most-likely culprit at this
point.
Good luck.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.15 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
