[SP-pm] Soap com ssl e autenticação usando pkcs#12

eutsiv :: Geovanny Junio geovanny at eutsiv.com.br
Tue Jan 12 07:29:48 PST 2010


Olá companheiros,

Os erros continuam, e eu já fiz tudo possível. Estava num ambiente Linux
(Debian), resolvi testar no windows XP com o Strawberry, funcionou de
primeira.
Acho que agora ficou mais fácil de achar o problema, assim que descobrir
posto aqui.

Grato,

--
Geovanny Junio
Consultor de Tecnologia
geovanny (at) eutsiv.com.br
+55 31 9422-8885
+55 31 3393-9132
www.eutsiv.com.br

Este e-mail pode conter informação privilegiada e confidencial. Se você não
é destinatário da
mensagem, por favor apague a mensagem e comunique-nos o fato de imediato.

This e-mail contains information that may be
privileged and confidential. If you are not the intended recipient, please
delete the e-mail and notify us immediately.


2010/1/9 Lindolfo "Lorn" Rodrigues <lorn.br at gmail.com>

> Você está certo, o LWP::UserAgent toma conta do SSL, mas você está usando o
> HTTP::Response! o LWP já usa ele por você.
>
> require LWP::UserAgent;
>
>  my $ua = LWP::UserAgent->new;
> my $response = $ua->get('https://www.submarino.com.br/');
>
> print $response->content;
>
> Faz o teste com seu post, usando o LWP direto, sem usar o HTTP::Response e
> ve se da certo
>
>
> 2010/1/9 eutsiv :: Geovanny Junio <geovanny at eutsiv.com.br>
>
> Olá Daniel, tudo bem?
>>
>> Quando a URL inicia com https, o LWP já faz uso do Crypt::SSLeay ou
>> Net::SSL.
>> E as duas já estão instaladas, na verdade parece que o handshake é
>> interrompido no finalzinho.
>>
>> Fiz testes e mais testes, acho que minha saída é tentar implementar sem
>> Lwp (gerar as requisições "na mão"), fazendo chamada ao Net::SSL na hora da
>> criptografia, e ver onde o processo de handshake pára.
>>
>> Grato,
>>
>> --
>> Geovanny Junio
>> Consultor de Tecnologia
>> geovanny (at) eutsiv.com.br
>> +55 31 9422-8885
>> +55 31 3393-9132
>> www.eutsiv.com.br
>>
>> Este e-mail pode conter informação privilegiada e confidencial. Se você
>> não é destinatário da
>> mensagem, por favor apague a mensagem e comunique-nos o fato de imediato.
>>
>> This e-mail contains information that may be
>> privileged and confidential. If you are not the intended recipient, please
>> delete the e-mail and notify us immediately.
>>
>>
>> 2010/1/9 Daniel de Oliveira Mantovani <
>> daniel.oliveira.mantovani at gmail.com>
>>
>> Olá, talvez você precise usar SSL.
>>>
>>> $cpan
>>> look LWP
>>> vim README.SSL
>>> "SSL SUPPORT
>>> -----------
>>>
>>> The libwww-perl package has support for using SSL/TLSv1 with its HTTP
>>> client and server classes. This support makes it possible to access
>>> https schemed URLs with LWP. Because of the problematic status of
>>> encryption software in general and certain encryption algorithms in
>>> particular, in several countries, libwww-perl package doesn't include
>>> SSL functionality out-of-the-box.
>>>
>>> Encryption support is obtained through the use of Crypt::SSLeay or
>>> IO::Socket::SSL, which can both be found from CPAN. While libwww-perl
>>> has "plug-and-play" support for both of these modules (as of v5.45),
>>> the recommended module to use is Crypt::SSLeay. In addition to
>>> bringing SSL support to the LWP package, IO::Socket::SSL can be used
>>> as an object oriented interface to SSL encrypted network sockets.
>>>
>>> There is yet another SSL interface for perl called Net::SSLeay. It has
>>> a more complete SSL interface and can be used for web client
>>> programming among other things but doesn't directly support LWP.
>>>
>>> The underlying SSL support in all of these modules is based on OpenSSL
>>> <http://www.openssl.org/> (formerly SSLeay). For WWW-server side SSL
>>> support (e.g. CGI/FCGI scripts) in Apache see <http://www.modssl.org/>."
>>>
>>> Da uma olhada:
>>> Crypt::SSLeay  =>
>>> http://search.cpan.org/~dland/Crypt-SSLeay-0.57/SSLeay.pm<http://search.cpan.org/%7Edland/Crypt-SSLeay-0.57/SSLeay.pm>
>>>
>>> *Eu não sei se é esse o problema*
>>>
>>> 2010/1/8 eutsiv :: Geovanny Junio <geovanny at eutsiv.com.br>:
>>> > Olá companheiros(as), tudo bem?
>>> > Estou trabalhando em um módulo para a NFSe, mas estou com problemas no
>>> > acesso ao webservice,
>>> > segue o código:
>>> > $ENV{HTTPS_DEBUG} = 1;
>>> > # Client PKCS12 cert support
>>> > $ENV{HTTPS_PKCS12_FILE} = 'mycert.pfx';
>>> > $ENV{HTTPS_PKCS12_PASSWORD} = 'mypass'';
>>> > my $userAgent = LWP::UserAgent->new();
>>> > my $request = HTTP::Request->new(POST =>
>>> > 'https://bhisshomologa.pbh.gov.br/bhiss-ws/nfse?wsdl'<https://bhisshomologa.pbh.gov.br/bhiss-ws/nfse?wsdl%27>
>>> );
>>> > $request->content($message);
>>> > $request->content_type("text/xml; charset=utf-8");
>>> > my $response = $userAgent->request($request);
>>> > if($response->code == 200) {
>>> > print $response->as_string;
>>> > }
>>> > else {
>>> > print $response->error_as_HTML;
>>> > }
>>> >
>>> >
>>> > Mas sempre o obtenho o seguinte erro:
>>> > SSL_connect:before/connect initialization
>>> > SSL_connect:SSLv3 write client hello A
>>> > SSL_connect:SSLv3 read server hello A
>>> > SSL_connect:SSLv3 read server certificate A
>>> > SSL_connect:SSLv3 read server key exchange A
>>> > SSL_connect:SSLv3 read server done A
>>> > SSL_connect:SSLv3 write client key exchange A
>>> > SSL_connect:SSLv3 write change cipher spec A
>>> > SSL_connect:SSLv3 write finished A
>>> > SSL_connect:SSLv3 flush data
>>> > SSL_connect:SSLv3 read finished A
>>> > <html>
>>> > <head><title>An Error Occurred</title></head>
>>> > <body>
>>> > <h1>An Error Occurred</h1>
>>> > <p>500 SSL read timeout: </p>
>>> > </body>
>>> > </html>
>>> > Já pesquisei, alterei o tempo de timeout, mas nada. Alguém sabe o
>>> caminho
>>> > das pedras?
>>> > Desde já grato.
>>> > --
>>> > Geovanny Junio
>>> > Consultor de Tecnologia
>>> > geovanny (at) eutsiv.com.br
>>> > +55 31 9422-8885
>>> > +55 31 3393-9132
>>> > www.eutsiv.com.br
>>> >
>>> > Este e-mail pode conter informação privilegiada e confidencial. Se você
>>> não
>>> > é destinatário da
>>> > mensagem, por favor apague a mensagem e comunique-nos o fato de
>>> imediato.
>>> >
>>> > This e-mail contains information that may be
>>> > privileged and confidential. If you are not the intended recipient,
>>> please
>>> > delete the e-mail and notify us immediately.
>>> >
>>> > _______________________________________________
>>> > SaoPaulo-pm mailing list
>>> > SaoPaulo-pm at pm.org
>>> > http://mail.pm.org/mailman/listinfo/saopaulo-pm
>>> >
>>>
>>>
>>>
>>> --
>>> If you’ve never written anything thoughtful, then you’ve never had any
>>> difficult, important, or interesting thoughts. That’s the secret:
>>> people who don’t write, are people who don’t think.
>>> _______________________________________________
>>> SaoPaulo-pm mailing list
>>> SaoPaulo-pm at pm.org
>>> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>>>
>>
>>
>> _______________________________________________
>> SaoPaulo-pm mailing list
>> SaoPaulo-pm at pm.org
>> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>>
>
>
>
> --
> lorn at lornlab dot org
> Lindolfo "Lorn" Rodrigues
>
>
> _______________________________________________
> SaoPaulo-pm mailing list
> SaoPaulo-pm at pm.org
> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/saopaulo-pm/attachments/20100112/4d1f89c3/attachment-0001.html>


More information about the SaoPaulo-pm mailing list