Howto receive SSL certificate with perl ?

Discussion in 'Perl Misc' started by goldt, Dec 12, 2005.

  1. goldt

    goldt Guest

    Hi,

    i would like to do the following in perl:

    openssl s_client -connect $server:$port -showcerts < /dev/null |
    openssl x509 -text -noout

    The only function i found was Net::SSLeay::get_peer_certificate() but
    this only returns 2 entries of the certificate (subject and issuer).
    The server is not a web server so don't point me to get_https3.

    So far this is the closest but useless solution i found:

    sub getcert
    {
    my ($host, $port)= @_;

    $port = getservbyname ($port, 'tcp') unless $port =~ /^\d+$/;
    my $dest_ip = gethostbyname ($host);

    my $dest_serv_params = sockaddr_in($port, $dest_ip);

    socket (S, &AF_INET, &SOCK_STREAM, 0) or die "socket: $!";
    connect (S, $dest_serv_params) or die "connect: $!";
    select (S); $| = 1; select (STDOUT);

    my $ctx = Net::SSLeay::CTX_new() or die_now("Failed to create SSL_CTX
    $!");
    my $ssl = Net::SSLeay::new($ctx) or die_now("Failed to create SSL
    $!");
    Net::SSLeay::set_fd($ssl, fileno(S)); # Must use fileno
    my $res = Net::SSLeay::connect($ssl);
    my $cert = Net::SSLeay::get_peer_certificate($ssl);
    Net::SSLeay::free ($ssl);
    Net::SSLeay::CTX_free ($ctx);
    close S;
    return($cert);
    }

    Any ideas ?
     
    goldt, Dec 12, 2005
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.