Question about Crypt::SSLeay

Discussion in 'Perl Misc' started by Jamie, Mar 3, 2007.

  1. Jamie

    Jamie Guest

    I'm using Crupt::SSLeay (the LWP interface)

    Wondering how one might (easily) confirm the key on the other side
    was from a known CA.

    My prototype in question:

    # MOZILLA.pem has both the key and the cert, but I could just as easily split them.
    $ENV{HTTPS_CERT_FILE} = 'cert/MOZILLA.pem';
    $ENV{HTTPS_KEY_FILE} = 'cert/MOZILLA.pem';
    $ENV{HTTPS_CA_FILE} = 'cert/cacert.crt';

    my $res = $ua->get($url);

    #
    # Will this ALWAYS be set if the server key is signed by a CA from some other
    # source than I have in cacert.crt ?
    #
    my $wrn = $res->header('client-ssl-warning'); # Can I rely on this being set if it's
    die "SSL: $wrn" if($wrn); # not signed proper?


    # I noticed I can get the issuer this way:
    my $ca_issue = $res->header('client-ssl-cert-issuer');
    # I get a bunch of "/O=Whatever/F=Another/Etc=Whatnot/CN=remote.cn.com"


    What I want to be absolutely certain of is that the server cert. is indeed signed
    by the CA in the file: cert/cacert.crt

    I could probably get a the ID from $ca_issue, but.. then I'd have to maintain two
    sets of data, I'd really rather just use cacert.crt

    What's the secure, right way to verify the remote host is who it says it is, assuming
    the CA in cacert.crt is known?

    Thanks!

    Jamie
    --
    http://www.geniegate.com Custom web programming
    Perl * Java * UNIX User Management Solutions
    Jamie, Mar 3, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AdrianK
    Replies:
    0
    Views:
    1,516
    AdrianK
    Jul 9, 2003
  2. JD Vernon

    LWP, Crypt-SSLeay, CLI vs. WWW

    JD Vernon, Feb 24, 2004, in forum: Perl
    Replies:
    0
    Views:
    475
    JD Vernon
    Feb 24, 2004
  3. Cosmia Luna
    Replies:
    4
    Views:
    313
    Cosmia Luna
    Mar 11, 2012
  4. A. Ma

    Crypt::SSLeay

    A. Ma, Sep 15, 2003, in forum: Perl Misc
    Replies:
    7
    Views:
    177
    A. Ma
    Sep 16, 2003
  5. still me
    Replies:
    4
    Views:
    150
    J. Gleixner
    Oct 12, 2007
Loading...

Share This Page