| Subject: | SSL connections returns big ugly IO::Socket::SSL warning |
| Date: | Fri, 20 Jul 2018 13:56:51 +0200 |
| To: | bug-MikroTik-API [...] rt.cpan.org |
| From: | Martin Kalčák <martin [...] kalcak.cz> |
Due to change in IO::Socket::SSL every attempt to connect via ssl returns
|*******************************************************************
Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client is
depreciated! Please set SSL_verify_mode to SSL_VERIFY_PEER together with
SSL_ca_file|SSL_ca_path for verification. If you really don't want to
verify the certificate and keep the connection open to Man-In-The-Middle
attacks please set SSL_verify_mode explicitly to SSL_VERIFY_NONE in your
application.
*******************************************************************
prefixed to any other output. Granted, this is sent to STDERR, however
automated systems like zabbix cannot ignore STDERR and output is
practically unusable. A have patched it by adding $self->set_socket(
IO::Socket::SSL->new( *SSL_verify_mode => 0,* ) at sub connect. It would
be nice however to have more refined control over certificate
verification via MikroTik::API interface. Cheers, Martin |