Warning: file_get_contents(/data/phpspider/zhask/data//catemap/8/perl/11.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Perl Mojo::UserAgent TLS/SSL证书身份验证_Perl_Mojolicious - Fatal编程技术网
Fatal编程技术网
  • perl/
  • Perl Mojo::UserAgent TLS/SSL证书身份验证

Perl Mojo::UserAgent TLS/SSL证书身份验证

perl

Perl Mojo::UserAgent TLS/SSL证书身份验证,perl,mojolicious,Perl,Mojolicious,我是Mojolicious的新手,我正在尝试使用Mojo::UserAgent脚本来使用TLS证书颁发机构和TLS证书文件,但证书文件受密码保护。我在传递密码时遇到问题,因此无法打开客户端证书 我有以下代码: #!/usr/bin/env perl use Modern::Perl; use Mojo::UserAgent; IO::Socket::SSL::set_defaults(SSL_passwd_cb => sub {return "password";}); my $ua =

我是Mojolicious的新手,我正在尝试使用Mojo::UserAgent脚本来使用TLS证书颁发机构和TLS证书文件,但证书文件受密码保护。我在传递密码时遇到问题,因此无法打开客户端证书

我有以下代码:


#!/usr/bin/env perl

use Modern::Perl;
use Mojo::UserAgent;

IO::Socket::SSL::set_defaults(SSL_passwd_cb => sub {return "password";});
my $ua = Mojo::UserAgent->new;
my $base_dir = '/path/to/certs/';
$ua->ca($base_dir . 'ca-cert.crt');
$ua->cert($base_dir . 'clientcert.crt');
my $tx = $ua->build_tx(POST => '/POST HTTP/1.1');
$tx->req->url->parse('https://example.com:12345');
$ua->start($tx);

if(my $res = $tx->success) {
  say $res->body;
  print Dumper($tx);
} else {
  my ($err, $code) = $tx->error;
  say $code ? "$code response: $err" : "Connection error: $err";
}

#!/usr/bin/env perl

use Modern::Perl;
use Mojo::UserAgent;

my $ua = Mojo::UserAgent->new;
my $base_dir = '/path/to/certs/';
$ua->ca($base_dir . 'ca-cert.crt');
$ua->cert($base_dir . 'clientcert.crt');

my $bio = Net::SSLeay::BIO_new_file($base_dir . 'clientcert.crt', 'r');
my $privkey = Net::SSLeay::PEM_read_bio_PrivateKey($bio, undef, 'password');
$ua->key($privkey);

my $tx = $ua->post('https://example.com:12345');

if(my $res = $tx->success) {
  say $res->body;
  print Dumper($tx);
} else {
  my ($err, $code) = $tx->error;
  say $code ? "$code response: $err" : "Connection error: $err";
}
我已使用以下内容验证了证书:

SSL_key       => $args->{tls_key},
#SSL_key_file       => $args->{tls_key},

openssl s_客户端-连接主机:端口-CApath/path/to/cert-CAfile ca-cert.crt-cert-clientcert.crt

我被提示:

为clientcert.crt输入密码短语:

我输入密码并正确验证

那么,如何获取IO::Socket::SSL的密码呢?

我找到了一个解决方案(并报告了这个问题),所以现在您可以通过以下方法解决这个问题

在Mojo::IOLoop::Client中更改了以下内容:

SSL_key       => $args->{tls_key},
#SSL_key_file       => $args->{tls_key},
然后,您可以使用以下代码进行身份验证:


#!/usr/bin/env perl

use Modern::Perl;
use Mojo::UserAgent;

IO::Socket::SSL::set_defaults(SSL_passwd_cb => sub {return "password";});
my $ua = Mojo::UserAgent->new;
my $base_dir = '/path/to/certs/';
$ua->ca($base_dir . 'ca-cert.crt');
$ua->cert($base_dir . 'clientcert.crt');
my $tx = $ua->build_tx(POST => '/POST HTTP/1.1');
$tx->req->url->parse('https://example.com:12345');
$ua->start($tx);

if(my $res = $tx->success) {
  say $res->body;
  print Dumper($tx);
} else {
  my ($err, $code) = $tx->error;
  say $code ? "$code response: $err" : "Connection error: $err";
}

#!/usr/bin/env perl

use Modern::Perl;
use Mojo::UserAgent;

my $ua = Mojo::UserAgent->new;
my $base_dir = '/path/to/certs/';
$ua->ca($base_dir . 'ca-cert.crt');
$ua->cert($base_dir . 'clientcert.crt');

my $bio = Net::SSLeay::BIO_new_file($base_dir . 'clientcert.crt', 'r');
my $privkey = Net::SSLeay::PEM_read_bio_PrivateKey($bio, undef, 'password');
$ua->key($privkey);

my $tx = $ua->post('https://example.com:12345');

if(my $res = $tx->success) {
  say $res->body;
  print Dumper($tx);
} else {
  my ($err, $code) = $tx->error;
  say $code ? "$code response: $err" : "Connection error: $err";
}
你真的需要那个密码吗?删除它怎么样?不幸的是,是的,我连接到一个远程系统,他们以这种方式分发证书。谢谢@Joel Berger,看起来好多了。