在 PERL 中调用 restful Web 服务时如何包含 SSL 客户端证书
How to include a SSL Client Certificate when calling a restful web service in PERL
我正在尝试从 Linux 服务器调用 restful 网络服务。我提供了一个要包含的 .pem 文件以便调用它,但我不确定将它添加到我的 PERL 脚本中的何处。我不断收到“500 SSL 协商失败:”错误
我的 .PEM 文件名为:
/u/data/aFolder/cert/theCert.pem
这就是我的 PERL 脚本
#!/opt/standard_perl/perl5881/bin/perl -w
use strict;
use warnings;
use Data::Dumper;
use LWP::UserAgent;
use HTTP::Request;
use Crypt::SSLeay;
#Validates that a url is passed via the arguements
my $global_url;
if (!defined($ARGV[0]))
{
print "No URL passed";
exit 400;
}else
{
$global_url = $ARGV[0];
}
my $retry = 1;
# Retry logic, if service got a error code 500, it will
while ($retry <= 3)
{
# Connects to service, if response was sucessfull then it prints he content
# and exits the response code, else, retry 3 more times if the code was 500
my $response = connectToService($global_url);
if ($response->is_success)
{
print $response->content() . "\n";
exit($response->code);
}else
{
if ($response->code == 500 && $retry < 3)
{
$retry++;
next;
}
print $response->status_line() ."\n";
exit($response->code);
}
}
######################################
# Passes the url and calls the service
######################################
sub connectToService
{
my $url = shift;
my $agent = LWP::UserAgent->new;
my $request = HTTP::Request->new(GET => $url);
$request->header('Cache-Control' => 'no-cache');
$request->header('accept' => 'application/json');
return $agent->request($request);
}
我现在的结果是:
username@theServer:/u/is/bin $ serviceCall.pl https://thewebServiceURL.com:3122/services/v1/quantity/foo/bar/info/11111
500 SSL negotiation failed:
username@theServer:/u/is/bin $
非常感谢任何帮助
客户端证书的使用方式取决于 LWP 的版本和底层 SSL 库。对于 LWP 6.0 版(2011 年发布),默认情况下使用 IO::Socket::SSL 作为基础库,您可以使用 ssl_opts
:
提供证书
$agent->ssl_opts(
SSL_cert_file => 'cert.pem',
SSL_key_file => 'key.pem'
);
使用旧版本的 LWP Crypt::SSLeay 代替,然后您需要使用环境变量指定证书:
$ENV{HTTPS_CERT_FILE} = 'cert.pem';
$ENV{HTTPS_KEY_FILE} = 'key.pem';
您似乎在尝试强制使用 Crypt::SSLeay,但实际上我建议改用 IO::Socket::SSL,因为它是更现代的 SSL 库,可以正确验证证书(与 [相反) =21=]), 支持SNI等
我正在尝试从 Linux 服务器调用 restful 网络服务。我提供了一个要包含的 .pem 文件以便调用它,但我不确定将它添加到我的 PERL 脚本中的何处。我不断收到“500 SSL 协商失败:”错误
我的 .PEM 文件名为:
/u/data/aFolder/cert/theCert.pem
这就是我的 PERL 脚本
#!/opt/standard_perl/perl5881/bin/perl -w
use strict;
use warnings;
use Data::Dumper;
use LWP::UserAgent;
use HTTP::Request;
use Crypt::SSLeay;
#Validates that a url is passed via the arguements
my $global_url;
if (!defined($ARGV[0]))
{
print "No URL passed";
exit 400;
}else
{
$global_url = $ARGV[0];
}
my $retry = 1;
# Retry logic, if service got a error code 500, it will
while ($retry <= 3)
{
# Connects to service, if response was sucessfull then it prints he content
# and exits the response code, else, retry 3 more times if the code was 500
my $response = connectToService($global_url);
if ($response->is_success)
{
print $response->content() . "\n";
exit($response->code);
}else
{
if ($response->code == 500 && $retry < 3)
{
$retry++;
next;
}
print $response->status_line() ."\n";
exit($response->code);
}
}
######################################
# Passes the url and calls the service
######################################
sub connectToService
{
my $url = shift;
my $agent = LWP::UserAgent->new;
my $request = HTTP::Request->new(GET => $url);
$request->header('Cache-Control' => 'no-cache');
$request->header('accept' => 'application/json');
return $agent->request($request);
}
我现在的结果是:
username@theServer:/u/is/bin $ serviceCall.pl https://thewebServiceURL.com:3122/services/v1/quantity/foo/bar/info/11111
500 SSL negotiation failed:
username@theServer:/u/is/bin $
非常感谢任何帮助
客户端证书的使用方式取决于 LWP 的版本和底层 SSL 库。对于 LWP 6.0 版(2011 年发布),默认情况下使用 IO::Socket::SSL 作为基础库,您可以使用 ssl_opts
:
$agent->ssl_opts(
SSL_cert_file => 'cert.pem',
SSL_key_file => 'key.pem'
);
使用旧版本的 LWP Crypt::SSLeay 代替,然后您需要使用环境变量指定证书:
$ENV{HTTPS_CERT_FILE} = 'cert.pem';
$ENV{HTTPS_KEY_FILE} = 'key.pem';
您似乎在尝试强制使用 Crypt::SSLeay,但实际上我建议改用 IO::Socket::SSL,因为它是更现代的 SSL 库,可以正确验证证书(与 [相反) =21=]), 支持SNI等