我收到以下错误尝试使用LWP连接到特定网站的https:安装对Perl 5.14.2新的CA证书LWP在Ubuntu 12.04
LWP::Protocol::https::Socket: SSL connect attempt failed with unknown errorerror:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed at /usr/local/share/perl/5.14.2/LWP/Protocol/http.pm line 51.
我试着用wget和有:
ERROR: cannot verify [domain]'s certificate, issued by `/C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certificates.godaddy.com/repository/CN=Go Daddy Secure Certification Authority/serialNumber=********':
Unable to locally verify the issuer's authority.
我搜索了一下,发现我可能不得不安装godaddy root ca cert。我想出了如何做到这一点(下载证书,放入/ usr/share/ca-certificates并运行update-ca-certificates)。我也学会了如何在这个过程中使用openssl s_client。
现在安装证书,wget的作品,但仍LWP失败,相同的错误也是如此的OpenSSL的s_client.First:
# openssl s_client -connect [domain]:443
CONNECTED(00000003)
depth=0 O = [domain], OU = Domain Control Validated, CN = [domain]
verify error:num=20:unable to get local issuer certificate
verify return:1
depth=0 O = [domain], OU = Domain Control Validated, CN = [domain]
verify error:num=27:certificate not trusted
verify return:1
depth=0 O = [domain], OU = Domain Control Validated, CN = [domain]
verify error:num=21:unable to verify the first certificate
verify return:1
我不知道接下来要去哪里得到这个工作。有什么建议么?
编辑:解决下面是一个简单的脚本,描述mikew的建议后,什么工作:
#!/usr/bin/perl
use LWP::UserAgent;
$URL="[domain]";
my $ua = LWP::UserAgent->new(ssl_opts => { SSL_ca_path=>'/etc/ssl/certs'});
my $response = $ua->get($URL);
这工作时,我只添加了SSL_ca_path。谢谢! –
好听!编辑答案以澄清只需要SSL_ca_file或SSL_ca_path中的一个。 – mikew