Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   31170 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

Net::SSLGlue::LWP(3)  User Contributed Perl Documentation Net::SSLGlue::LWP(3)

NAME
       Net::SSLGlue::LWP - proper certificate checking for https in LWP

SYNOPSIS
	       use Net::SSLGlue::LWP SSL_ca_path => ...;
	       use LWP::Simple;
	       get( 'https://www....' );

	       {
		       local %Net::SSLGlue::LWP::SSLopts = %Net::SSLGlue::LWP::SSLopts;

		       # switch off verification
		       $Net::SSLGlue::LWP::SSLopts{SSL_verify_mode} = 0;

		       # or: set different verification policy, because cert does
		       # not conform to RFC (wildcards in CN are not allowed for https,
		       # but some servers do it anyway)
		       $Net::SSLGlue::LWP::SSLopts{SSL_verifycn_scheme} = {
			       wildcards_in_cn => 'anywhere',
			       check_cn => 'always',
		       };
	       }

DESCRIPTION
       Net::SSLGlue::LWP modifies Net::HTTPS and LWP::Protocol::https so that
       Net::HTTPS is forced to use IO::Socket::SSL instead of Crypt::SSLeay,
       and that LWP::Protocol::https does proper certificate checking using
       the "http" SSL_verify_scheme from IO::Socket::SSL.

       Because LWP does not have a mechanism to forward arbitrary parameters
       for the construction of the underlying socket these parameters can be
       set globally when including the package, or with local settings of the
       %Net::SSLGlue::LWP::SSLopts variable.

       All of the "SSL_*" parameter from IO::Socket::SSL can be used; the
       following parameters are especially useful:

       SSL_ca_path, SSL_ca_file
	   Specifies the path or a file where the CAs used for checking the
	   certificates are located. This is typically "etc/ssl/certs" on UNIX
	   systems.

       SSL_verify_mode
	   If set to 0, verification of the certificate will be disabled. By
	   default it is set to 1 which means that the peer certificate is
	   checked.

       SSL_verifycn_name
	   Usually the name given as the hostname in the constructor is used
	   to verify the identity of the certificate. If you want to check the
	   certificate against another name you can specify it with this
	   parameter.

SEE ALSO
       IO::Socket::SSL, LWP, Net::HTTPS, LWP::Protocol::https

COPYRIGHT
       This module is copyright (c) 2008, Steffen Ullrich.  All Rights
       Reserved.  This module is free software. It may be used, redistributed
       and/or modified under the same terms as Perl itself.

perl v5.14.1			  2011-07-17		  Net::SSLGlue::LWP(3)

Vote for polarhome