I get that error. Here is my code.
use LWP::UserAgent;
use HTTP::Request::Common qw(POST);
use HTTP::Cookies;
$URL="https://example.com/my.plicy";
$UA = LWP::UserAgent->new();
$UA->ssl_opts( verify_hostnames => 0 );
#UA->ssl_opts( SSL_ca_file => Mozilla::CA::SSL_ca_file() );
$req =HTTP::Request::Common::POST("$URL",
Content_type=>'form-data',
Content =>[
'username'=>'111',
'password'=>'2222',
'vhost'=>'standard'
]
);
$req->header('Cookie' =>q(TIN=287000; LastMRH_Session=439960f5; MRHSession=78c9c47291c1fcedae166121439960f5));
$resp=$UA->request($req);
if( ($resp->code() >= 200) && ($resp->code() <400) ) {
print $resp->decoded_content;
}else{
print "Error: ". $resp->status_line. "
";
}
The problem is that I have no real certificate to provide, because the site is in development stages, and a certificate of the localhost is used... the browsers don't recognize it.
Is there a way to bypass the verification?? and avoid the error?
UPDATE:
I changed my code a bit. Added another library and added this function:
use CACertOrg::CA;
$ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
$UA->ssl_opts(
verify_hostnames => 0,
SSL_ca_file => CACertOrg::CA::SSL_ca_file()
);
Now I get this:
Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
together with SSL_ca_file|SSL_ca_path for verification.
If you really don't want to verify the certificate and keep the
connection open to Man-In-The-Middle attacks please set
SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
at C:/Perl/lib/LWP/Protocol/http.pm line 31.
So I changed the options to this:
$UA->ssl_opts(
SSL_verify_mode => 'SSL_VERIFY_NONE',
verify_hostnames => 0,
SSL_ca_file => CACertOrg::CA::SSL_ca_file()
);
I get nothing printed... I don't get an error, though. Is it a good sign?
See Question&Answers more detail:
os 与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…