Skip Menu |

This queue is for tickets about the REST-Client CPAN distribution.

Report information
The Basics
Id: 89605
Status: resolved
Priority: 0/
Queue: REST-Client
People
Owner: Nobody in particular
Requestors: drasar [...] ics.muni.cz
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Fri Oct 18 08:46:28 2013 drasar [...] ics.muni.cz - Ticket created
Subject: Incorrect handling of certificate bundles
Date: Fri, 18 Oct 2013 14:46:09 +0200
To: bug-REST-Client [...] rt.cpan.org
From: Martin Drasar <drasar [...] ics.muni.cz>
Hi, if I try to pass certificate bundle to REST::Client it does not work correctly, i.e. the client is setting SSL options in request method via $ENV variable. However, it seems that this variable is not used by already instantiated LWP::UserAgent and is used only on the second run of program (like re-run in debugger, not launching it again). I think, that the correct solution would be to change this line: $ENV{'HTTPS_CA_FILE'} = $ca to $ua->ssl_opts(SSL_ca_file => $ca); and probably do the analogous thing for other $ENV settings $ENV{'HTTPS_CERT_FILE'} = $self->getCert; $ENV{'HTTPS_KEY_FILE'} = $self->getKey; REST::Client version: 249 LWP::UserAgent version: 6.04 Regards, Martin
  Sun Nov 03 08:00:27 2013 JCROSSWH [...] cpan.org - Correspondence added
I can confirm this, and the above solution does work. I've setup a client/server using IO::Socket::SSL and my own certificate authority that will complete the SSL handshake. If I try to use REST::Client in SSL mode with the server I get an error message about the certificate could not be validated. If I change REST::Client in the ways mentioned above then the handshake completes successfully and the client proceeds.
  Sun Nov 03 08:00:28 2013 The RT System itself - Status changed from 'new' to 'open'
  Sun Nov 03 18:43:09 2013 mcrawfor [...] cpan.org - Correspondence added
Yeah, I was waffling a little bit, because this only comes up with LWP 6, and the patch is not backwards compatible. But I think I'm just going to soldier on into the future. I'll get a release up soon. Sorry for the delay, I've been out of town and busy :( -m On Sun Nov 03 08:00:27 2013, JCROSSWH wrote: Show quoted text
> I can confirm this, and the above solution does work. I've setup a > client/server using IO::Socket::SSL and my own certificate authority > that will complete the SSL handshake. If I try to use REST::Client in > SSL mode with the server I get an error message about the certificate > could not be validated. If I change REST::Client in the ways > mentioned above then the handshake completes successfully and the > client proceeds.
  Sun Nov 03 23:55:24 2013 mcrawfor [...] cpan.org - Correspondence added
REST-Client-271 is indexing now, and should fix the issue, let me know if you have trouble. On Sun Nov 03 18:43:09 2013, MCRAWFOR wrote: Show quoted text
> Yeah, I was waffling a little bit, because this only comes up with LWP > 6, and the patch is not backwards compatible. But I think I'm just > going to soldier on into the future. I'll get a release up soon. > > Sorry for the delay, I've been out of town and busy :( > > -m > > On Sun Nov 03 08:00:27 2013, JCROSSWH wrote:
> > I can confirm this, and the above solution does work. I've setup a > > client/server using IO::Socket::SSL and my own certificate authority > > that will complete the SSL handshake. If I try to use REST::Client > > in > > SSL mode with the server I get an error message about the certificate > > could not be validated. If I change REST::Client in the ways > > mentioned above then the handshake completes successfully and the > > client proceeds.
  Sun Nov 03 23:55:24 2013 mcrawfor [...] cpan.org - Status changed from 'open' to 'resolved'