[SP-pm] Soap com ssl e autenticação usando pkcs#12

Sat Jan 9 12:07:30 PST 2010

Você está certo, o LWP::UserAgent toma conta do SSL, mas você está usando o
HTTP::Response! o LWP já usa ele por você.

require LWP::UserAgent;

 my $ua = LWP::UserAgent->new;
my $response = $ua->get('https://www.submarino.com.br/');

print $response->content;

Faz o teste com seu post, usando o LWP direto, sem usar o HTTP::Response e
ve se da certo

2010/1/9 eutsiv :: Geovanny Junio <geovanny em eutsiv.com.br>

> Olá Daniel, tudo bem?
>
> Quando a URL inicia com https, o LWP já faz uso do Crypt::SSLeay ou
> Net::SSL.
> E as duas já estão instaladas, na verdade parece que o handshake é
> interrompido no finalzinho.
>
> Fiz testes e mais testes, acho que minha saída é tentar implementar sem Lwp
> (gerar as requisições "na mão"), fazendo chamada ao Net::SSL na hora da
> criptografia, e ver onde o processo de handshake pára.
>
> Grato,
>
> --
> Geovanny Junio
> Consultor de Tecnologia
> geovanny (at) eutsiv.com.br
> +55 31 9422-8885
> +55 31 3393-9132
> www.eutsiv.com.br
>
> Este e-mail pode conter informação privilegiada e confidencial. Se você não
> é destinatário da
> mensagem, por favor apague a mensagem e comunique-nos o fato de imediato.
>
> This e-mail contains information that may be
> privileged and confidential. If you are not the intended recipient, please
> delete the e-mail and notify us immediately.
>
>
> 2010/1/9 Daniel de Oliveira Mantovani <daniel.oliveira.mantovani em gmail.com
> >
>
> Olá, talvez você precise usar SSL.
>>
>> $cpan
>> look LWP
>> vim README.SSL
>> "SSL SUPPORT
>> -----------
>>
>> The libwww-perl package has support for using SSL/TLSv1 with its HTTP
>> client and server classes. This support makes it possible to access
>> https schemed URLs with LWP. Because of the problematic status of
>> encryption software in general and certain encryption algorithms in
>> particular, in several countries, libwww-perl package doesn't include
>> SSL functionality out-of-the-box.
>>
>> Encryption support is obtained through the use of Crypt::SSLeay or
>> IO::Socket::SSL, which can both be found from CPAN. While libwww-perl
>> has "plug-and-play" support for both of these modules (as of v5.45),
>> the recommended module to use is Crypt::SSLeay. In addition to
>> bringing SSL support to the LWP package, IO::Socket::SSL can be used
>> as an object oriented interface to SSL encrypted network sockets.
>>
>> There is yet another SSL interface for perl called Net::SSLeay. It has
>> a more complete SSL interface and can be used for web client
>> programming among other things but doesn't directly support LWP.
>>
>> The underlying SSL support in all of these modules is based on OpenSSL
>> <http://www.openssl.org/> (formerly SSLeay). For WWW-server side SSL
>> support (e.g. CGI/FCGI scripts) in Apache see <http://www.modssl.org/>."
>>
>> Da uma olhada:
>> Crypt::SSLeay  =>
>> http://search.cpan.org/~dland/Crypt-SSLeay-0.57/SSLeay.pm<http://search.cpan.org/%7Edland/Crypt-SSLeay-0.57/SSLeay.pm>
>>
>> *Eu não sei se é esse o problema*
>>
>> 2010/1/8 eutsiv :: Geovanny Junio <geovanny em eutsiv.com.br>:
>> > Olá companheiros(as), tudo bem?
>> > Estou trabalhando em um módulo para a NFSe, mas estou com problemas no
>> > acesso ao webservice,
>> > segue o código:
>> > $ENV{HTTPS_DEBUG} = 1;
>> > # Client PKCS12 cert support
>> > $ENV{HTTPS_PKCS12_FILE} = 'mycert.pfx';
>> > $ENV{HTTPS_PKCS12_PASSWORD} = 'mypass'';
>> > my $userAgent = LWP::UserAgent->new();
>> > my $request = HTTP::Request->new(POST =>
>> > 'https://bhisshomologa.pbh.gov.br/bhiss-ws/nfse?wsdl'<https://bhisshomologa.pbh.gov.br/bhiss-ws/nfse?wsdl%27>
>> );
>> > $request->content($message);
>> > $request->content_type("text/xml; charset=utf-8");
>> > my $response = $userAgent->request($request);
>> > if($response->code == 200) {
>> > print $response->as_string;
>> > }
>> > else {
>> > print $response->error_as_HTML;
>> > }
>> >
>> >
>> > Mas sempre o obtenho o seguinte erro:
>> > SSL_connect:before/connect initialization
>> > SSL_connect:SSLv3 write client hello A
>> > SSL_connect:SSLv3 read server hello A
>> > SSL_connect:SSLv3 read server certificate A
>> > SSL_connect:SSLv3 read server key exchange A
>> > SSL_connect:SSLv3 read server done A
>> > SSL_connect:SSLv3 write client key exchange A
>> > SSL_connect:SSLv3 write change cipher spec A
>> > SSL_connect:SSLv3 write finished A
>> > SSL_connect:SSLv3 flush data
>> > SSL_connect:SSLv3 read finished A
>> > <html>
>> > <head><title>An Error Occurred</title></head>
>> > <body>
>> > <h1>An Error Occurred</h1>
>> > <p>500 SSL read timeout: </p>
>> > </body>
>> > </html>
>> > Já pesquisei, alterei o tempo de timeout, mas nada. Alguém sabe o
>> caminho
>> > das pedras?
>> > Desde já grato.
>> > --
>> > Geovanny Junio
>> > Consultor de Tecnologia
>> > geovanny (at) eutsiv.com.br
>> > +55 31 9422-8885
>> > +55 31 3393-9132
>> > www.eutsiv.com.br
>> >
>> > Este e-mail pode conter informação privilegiada e confidencial. Se você
>> não
>> > é destinatário da
>> > mensagem, por favor apague a mensagem e comunique-nos o fato de
>> imediato.
>> >
>> > This e-mail contains information that may be
>> > privileged and confidential. If you are not the intended recipient,
>> please
>> > delete the e-mail and notify us immediately.
>> >
>> > _______________________________________________
>> > SaoPaulo-pm mailing list
>> > SaoPaulo-pm em pm.org
>> > http://mail.pm.org/mailman/listinfo/saopaulo-pm
>> >
>>
>>
>>
>> --
>> If you’ve never written anything thoughtful, then you’ve never had any
>> difficult, important, or interesting thoughts. That’s the secret:
>> people who don’t write, are people who don’t think.
>> _______________________________________________
>> SaoPaulo-pm mailing list
>> SaoPaulo-pm em pm.org
>> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>>
>
>
> _______________________________________________
> SaoPaulo-pm mailing list
> SaoPaulo-pm em pm.org
> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>

-- 
lorn at lornlab dot org
Lindolfo "Lorn" Rodrigues
-------------- Pr?xima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://mail.pm.org/pipermail/saopaulo-pm/attachments/20100109/e48667f4/attachment.html>