G
goldt
Hi,
i would like to do the following in perl:
openssl s_client -connect $server:$port -showcerts < /dev/null |
openssl x509 -text -noout
The only function i found was Net::SSLeay::get_peer_certificate() but
this only returns 2 entries of the certificate (subject and issuer).
The server is not a web server so don't point me to get_https3.
So far this is the closest but useless solution i found:
sub getcert
{
my ($host, $port)= @_;
$port = getservbyname ($port, 'tcp') unless $port =~ /^\d+$/;
my $dest_ip = gethostbyname ($host);
my $dest_serv_params = sockaddr_in($port, $dest_ip);
socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
connect (S, $dest_serv_params) or die "connect: $!";
select (S); $| = 1; select (STDOUT);
my $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX
$!");
my $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL
$!");
Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno
my $res = Net::SSLeay::connect($ssl);
my $cert = Net::SSLeay::get_peer_certificate($ssl);
Net::SSLeay::free ($ssl);
Net::SSLeay::CTX_free ($ctx);
close S;
return($cert);
}
Any ideas ?
i would like to do the following in perl:
openssl s_client -connect $server:$port -showcerts < /dev/null |
openssl x509 -text -noout
The only function i found was Net::SSLeay::get_peer_certificate() but
this only returns 2 entries of the certificate (subject and issuer).
The server is not a web server so don't point me to get_https3.
So far this is the closest but useless solution i found:
sub getcert
{
my ($host, $port)= @_;
$port = getservbyname ($port, 'tcp') unless $port =~ /^\d+$/;
my $dest_ip = gethostbyname ($host);
my $dest_serv_params = sockaddr_in($port, $dest_ip);
socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
connect (S, $dest_serv_params) or die "connect: $!";
select (S); $| = 1; select (STDOUT);
my $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX
$!");
my $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL
$!");
Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno
my $res = Net::SSLeay::connect($ssl);
my $cert = Net::SSLeay::get_peer_certificate($ssl);
Net::SSLeay::free ($ssl);
Net::SSLeay::CTX_free ($ctx);
close S;
return($cert);
}
Any ideas ?