Perl 具有自签名客户端证书的相互身份验证SSL_Perl_Ssl_Mutual Authentication

Perl 具有自签名客户端证书的相互身份验证SSL

perl ssl

Perl 具有自签名客户端证书的相互身份验证SSL,perl,ssl,mutual-authentication,Perl,Ssl,Mutual Authentication,在我们公司，我目前有一个通过SSL通过HTTPS连接到外部供应商的脚本。该脚本仅执行服务器身份验证。就是这样： use HTML::Parser; use HTTP::Request::Common; use LWP::UserAgent; use XML::Simple; local $ENV{HTTPS_CERT_FILE} = '../cert/abc.vendor.crt'; local $ENV{HTTPS_PROXY} = 'https://proxy.com:8080'; loc

在我们公司，我目前有一个通过SSL通过HTTPS连接到外部供应商的脚本。该脚本仅执行服务器身份验证。就是这样：

use HTML::Parser;
use HTTP::Request::Common;
use LWP::UserAgent;
use XML::Simple;

local $ENV{HTTPS_CERT_FILE} = '../cert/abc.vendor.crt';
local $ENV{HTTPS_PROXY} = 'https://proxy.com:8080';
local $ENV{HTTPS_DEBUG} = 0;
my $vendor_server = 'https:abc.vendor.site.com';

my $xml = "XML code here";

my $request = (POST $vendor_server, Content_Type => 'text/xml; charset=utf-8', Content => $xml);
my $ua = LWP::UserAgent->new();
my $response = $ua->request($request);

if ( $response->is_success() ) {
    return $response;
}
else {
    return "Error message";
}

这是根据需要工作的，但由于严格的法规遵从性和安全性，我们现在需要通过自签名证书使其成为“相互身份验证”。我尝试将HTTPS\u调试更改为1，并在其后面添加以下两行。“myserver.crt”是我创建CSR后的一个内部自签名证书（我希望这些细节是正确的，很明显，我对SSL不是很精通）：

但在运行脚本时，我遇到以下错误：

Connecting to abc over SSL and sending POST
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:unknown CA
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:bad certificate
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv2 write client hello A
SSL_connect:failed in SSLv2 read server hello A
Ticket FAILED
$VAR1 = '500 SSL negotiation failed: ';

我做错了什么

谢谢你的帮助

13142:error:2006D080:BIO例程：BIO_new_文件：没有这样的文件：bss_文件。c:107:

13142:error:0B084002:x509证书例程：x509_load_cert_crl_文件：系统库：by_文件。c:279:

连接：没有到主机的路由

连接：errno=113

…谢谢……当我使用mycert.crt而不是mycert.crt时foo，$>echo-n | openssl s|u client-CAfile../etc/wpidev1.crt-connect example.com:443

connect:No route to host

connect:errno=29

另请参阅和。

Connecting to abc over SSL and sending POST
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:unknown CA
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL_connect:SSLv3 read server hello A
SSL3 alert write:fatal:bad certificate
SSL_connect:error in SSLv3 read server certificate B
SSL_connect:before/connect initialization
SSL_connect:SSLv2 write client hello A
SSL_connect:failed in SSLv2 read server hello A
Ticket FAILED
$VAR1 = '500 SSL negotiation failed: ';