HTTPS SSLeay problems - any experts out there?

I

Ira Lee

Hi. I'm having a bit of trouble using a Perl script that will login to
a secure website... and then access subsequent pages with a cookie.
This works when accessing manually via the browser (Konqueror) which
then accepts the cookie and allows me to login to subsequent pages
with the valid cookie. It appears that the HTTP/SSLeay installation
is working fine since no errors come up when I access "https://"
directives. I just haven't been able to get beyond logging in.

I have tried many things, but I haven't been able to get my perl
script to authenticate successfully. Everything works fine on
non-secure (http://) websites.

I did notice a "Client-SSL-Warning: Peer certificate not verified"
warning in the header that I get returned to me.

I have tried many things, but no success, am I missing something
obvious here?
I am running FreeBSD 4.8 with Perl 5.6.1 with the Crypt-SSLeay 0.51.

This is my script:

-----------------------------
#!/usr/local/bin/perl -w
use strict;
use Crypt::SSLeay;
use LWP::UserAgent;
use LWP::Simple;
use HTTP::Request::Common qw(POST);
use HTTP::Cookies;

my $ua = LWP::UserAgent->new;
my $cookie_jar = HTTP::Cookies->new(file => "lwpcookies2.txt",
autosave => 1);
$ua->cookie_jar( $cookie_jar);
$ua->agent('Mozilla/5.0');
my $url = 'https://www.sdmediagroup.com/registration/';
my $req = POST $url, ['login' => 'me', 'password' => 'mypass'];
my $res = $ua->request($req);
$cookie_jar->extract_cookies($res);

if ($res->is_success) {
# print out result to look at headers
print $res->as_string;

# access page with cookie secured after logged in
my $req = HTTP::Request->new(GET => 'http://www.ddj.com/');
$cookie_jar->add_cookie_header($req);
$res = $ua->request($req);
print $res->as_string;
} else {
print "Failed: ", $res->status_line, "\n";
}
----------------------------

The response I get from the login POST is this:
HTTP/1.1 200 OK
Cache-Control: private
Connection: close
Date: Tue, 29 Jun 2004 22:06:17 GMT
Server: Apache/1.3.28 (Unix) PHP/4.3.3 mod_ssl/2.8.15 OpenSSL/0.9.7a
Resin/2.1.10
Content-Length: 1132
Content-Type: text/html
Content-Type: text/html; charset=iso-8859-1
Client-Date: Tue, 29 Jun 2004 22:06:34 GMT
Client-Peer: 66.77.26.213:443
Client-Response-Num: 1
Client-SSL-Cert-Issuer: /C=US/O=Equifax Secure Inc./CN=Equifax Secure
Global eBusines
s CA-1
Client-SSL-Cert-Subject:
/C=US/O=www.sdmediagroup.com/OU=https://services.choicepoint
..net/get.jsp?2922628099/OU=See www.geotrust.com/quickssl/cps
(c)04/OU=Domain Control
Validated/CN=www.sdmediagroup.com
Client-SSL-Cipher: DHE-RSA-AES256-SHA
Client-SSL-Warning: Peer certificate not verified
Set-Cookie: JSESSIONID=aQEjvqhLgLTd; path=/

..... html saying that an error has occured processing the request...


Subsequent page accesses don't work obviously because of invalid
cookie due to failed login.

Any help would be greatly appreciated! Thanks in advance.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

Forum statistics

Threads
473,744
Messages
2,569,483
Members
44,901
Latest member
Noble71S45

Latest Threads

Top