develooper Front page | perl.libwww | Postings from November 2001

RE: GET an https page with unrecognized certificate behind aprox y

From:
Han, Zheng J
Date:
November 5, 2001 11:57
Subject:
RE: GET an https page with unrecognized certificate behind aprox y
Message ID:
7B83218F8AACD51199BF0002A5ADEE08841885@exnyc06.lehman.com

this sounds like proxy related issue ( I see your proxy is netscape proxy
server)

if you runs your little script against https://login.yahoo.com/, then check
out the related proxy access log entries. Only if the proxy log shows that
your perl script is using CONNECT method, then you may twist some options in
your script to ignore the invalid cert.

However, if you see "GET" method instead of CONNECT in proxy log, then the
fix should be on proxy server side(cert5.db), nothing to do with the perl
script.

Hope this helps.

> -----Original Message-----
> From:	nronayette@alphacsp.com [SMTP:nronayette@alphacsp.com]
> Sent:	Monday, October 29, 2001 5:30 AM
> To:	WORENKLEIN, David, GCM
> Cc:	libwww@perl.org
> Subject:	RE: GET an https page with unrecognized certificate behind a
> prox y
> 
> Thanks for your answer.
> First i forgot something : my libwww-perl version is 5.53.
> 
> I'd change the LWP/Protocol/http.pm and https.pm files as link on
> sourceforge
> show (the diff file in
> http://sourceforge.net/tracker/download.php?group_id=14630&atid=314630&fil
> e_id=538&aid=403773).
> But my little script still complaint. I think that i don't use it as it
> should.
> Do someone have a link or example to use it correctly ?
> 
> It's seems that my little script don't use the sub request in https.pm
> 
> Anything i missed ?
> 
> Nicolas
> 
> 
> 
> En réponse à "WORENKLEIN, David, GCM" <David.Worenklein@gcm.com>:
> 
> > LWP issues the following command to the proxy
> > GET https://my.url.net HTTP/1.0 ...
> > 
> > Your browser probably bypasses the proxy and uses this command
> > CONNECT my.url.net:443 HTTP/1.0 ...
> > and then does SSL negotiation by itself.
> > 
> > If you look on sourceforge.net, you will see a patch (to an older
> > version
> > of LWP) that will solve your problem.
> > 
> > -----Original Message-----
> > From: nronayette@alphacsp.com [mailto:nronayette@alphacsp.com]
> > Sent: Friday, October 26, 2001 6:34 AM
> > To: libwww@perl.org
> > Subject: GET an https page with unrecognized certificate behind a proxy
> > 
> > Hello list ,
> > 
> > I'm trying to get a request with a little perl script :
> > 
> > 
> > #!/usr/bin/perl -w
> > use LWP::UserAgent;
> > use HTTP::Request::Common;
> > 
> > my $ua = new LWP::UserAgent;
> > my $URL = 'https://my.url.net/';
> > 
> > $ua->proxy(['http','https', 'ftp'], 'http://proxy.frontofme:2010/');
> > my $res = $ua->request(new HTTP::Request GET => $URL);
> > print $res->content."\n";
> > 
> > 
> > If i tried to reach https://login.yahoo.com/, it's working very well and
> > i
> > get
> > the content of the page.
> > If i tried another web site which have an old certificate, i've got the
> > following from the proxy :
> > 
> > "
> > The requested item could not be loaded by the proxy.<P>
> > The certificate issuer for this server is not recognized by
> > Netscape. The security certificate may or may not be valid.
> > 
> > Netscape refuses to connect to this server.<P>
> > "
> > (It a Netscape-Proxy/3.52)
> > 
> > I know also that i can connect to this site with my browser that tell
> > me
> > also
> > that the certificate may not be valid. But at the end i've got the
> > page.
> > 
> > Is somenone know how make this script working (like my browser), how
> > tell
> > to the
> > proxy that we don't care if the certificate is valid and get the page
> > anyway ?
> > 
> > I didn't find any answer on google groups or in this mailing list
> > archive.
> > If i didn't post at the right mailling list please apologize.
> > 
> > Thanks in advance for your help
> > 
> > Nicolas
> > 
> > 
> > 
> > 
> > 
> > **********************************************************************
> > This e-mail is intended only for the addressee named above.
> > As this e-mail may contain confidential or privileged information,
> > if you are not the named addressee, you are not authorised to
> > retain, read, copy or disseminate this message or any part of it.
> > ************************************************************************
> >  
> > 


------------------------------------------------------------------------------
This message is intended only for the personal and confidential use of the designated recipient(s) named above.  If you are not the intended recipient of this message you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited.  This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Lehman Brothers.  Email transmission cannot be guaranteed to be secure or error-free.  Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such.  All information is subject to change without notice.





nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About