[SP-pm] Soap com ssl e autenticação usando pkcs#12

eutsiv :: Geovanny Junio geovanny at eutsiv.com.br
Tue Jan 12 07:41:07 PST 2010 

O Crypt::SSLeay eu instalei, o Net::SSL não, vou fazer os testes.

Sim, o openssl está instalado :)

Grato,

--
Geovanny Junio
Consultor de Tecnologia
geovanny (at) eutsiv.com.br
+55 31 9422-8885
+55 31 3393-9132
www.eutsiv.com.br

Este e-mail pode conter informação privilegiada e confidencial. Se você não
é destinatário da
mensagem, por favor apague a mensagem e comunique-nos o fato de imediato.

This e-mail contains information that may be
privileged and confidential. If you are not the intended recipient, please
delete the e-mail and notify us immediately.


2010/1/12 Daniel de Oliveira Mantovani <daniel.oliveira.mantovani at gmail.com>

> Dúvida, você instalou o Crypt::SSLeay e o Net::SSL ou já estavam instalados
> ?
> Se já tiverem instalados, rode o teste de ambos.
>
> Só não diga que o openssl não está instalado :)
>
> []'s
>
> 2010/1/12 eutsiv :: Geovanny Junio <geovanny at eutsiv.com.br>:
> > Olá companheiros,
> > Os erros continuam, e eu já fiz tudo possível. Estava num ambiente Linux
> > (Debian), resolvi testar no windows XP com o Strawberry, funcionou de
> > primeira.
> > Acho que agora ficou mais fácil de achar o problema, assim que descobrir
> > posto aqui.
> > Grato,
> > --
> > Geovanny Junio
> > Consultor de Tecnologia
> > geovanny (at) eutsiv.com.br
> > +55 31 9422-8885
> > +55 31 3393-9132
> > www.eutsiv.com.br
> >
> > Este e-mail pode conter informação privilegiada e confidencial. Se você
> não
> > é destinatário da
> > mensagem, por favor apague a mensagem e comunique-nos o fato de imediato.
> >
> > This e-mail contains information that may be
> > privileged and confidential. If you are not the intended recipient,
> please
> > delete the e-mail and notify us immediately.
> >
> >
> > 2010/1/9 Lindolfo "Lorn" Rodrigues <lorn.br at gmail.com>
> >>
> >> Você está certo, o LWP::UserAgent toma conta do SSL, mas você está
> usando
> >> o HTTP::Response! o LWP já usa ele por você.
> >> require LWP::UserAgent;
> >>
> >>  my $ua = LWP::UserAgent->new;
> >> my $response = $ua->get('https://www.submarino.com.br/');
> >> print $response->content;
> >> Faz o teste com seu post, usando o LWP direto, sem usar o HTTP::Response
> e
> >> ve se da certo
> >>
> >> 2010/1/9 eutsiv :: Geovanny Junio <geovanny at eutsiv.com.br>
> >>>
> >>> Olá Daniel, tudo bem?
> >>>
> >>> Quando a URL inicia com https, o LWP já faz uso do Crypt::SSLeay ou
> >>> Net::SSL.
> >>> E as duas já estão instaladas, na verdade parece que o handshake é
> >>> interrompido no finalzinho.
> >>>
> >>> Fiz testes e mais testes, acho que minha saída é tentar implementar sem
> >>> Lwp (gerar as requisições "na mão"), fazendo chamada ao Net::SSL na
> hora da
> >>> criptografia, e ver onde o processo de handshake pára.
> >>>
> >>> Grato,
> >>>
> >>> --
> >>> Geovanny Junio
> >>> Consultor de Tecnologia
> >>> geovanny (at) eutsiv.com.br
> >>> +55 31 9422-8885
> >>> +55 31 3393-9132
> >>> www.eutsiv.com.br
> >>>
> >>> Este e-mail pode conter informação privilegiada e confidencial. Se você
> >>> não é destinatário da
> >>> mensagem, por favor apague a mensagem e comunique-nos o fato de
> imediato.
> >>>
> >>> This e-mail contains information that may be
> >>> privileged and confidential. If you are not the intended recipient,
> >>> please
> >>> delete the e-mail and notify us immediately.
> >>>
> >>>
> >>> 2010/1/9 Daniel de Oliveira Mantovani
> >>> <daniel.oliveira.mantovani at gmail.com>
> >>>>
> >>>> Olá, talvez você precise usar SSL.
> >>>>
> >>>> $cpan
> >>>> look LWP
> >>>> vim README.SSL
> >>>> "SSL SUPPORT
> >>>> -----------
> >>>>
> >>>> The libwww-perl package has support for using SSL/TLSv1 with its HTTP
> >>>> client and server classes. This support makes it possible to access
> >>>> https schemed URLs with LWP. Because of the problematic status of
> >>>> encryption software in general and certain encryption algorithms in
> >>>> particular, in several countries, libwww-perl package doesn't include
> >>>> SSL functionality out-of-the-box.
> >>>>
> >>>> Encryption support is obtained through the use of Crypt::SSLeay or
> >>>> IO::Socket::SSL, which can both be found from CPAN. While libwww-perl
> >>>> has "plug-and-play" support for both of these modules (as of v5.45),
> >>>> the recommended module to use is Crypt::SSLeay. In addition to
> >>>> bringing SSL support to the LWP package, IO::Socket::SSL can be used
> >>>> as an object oriented interface to SSL encrypted network sockets.
> >>>>
> >>>> There is yet another SSL interface for perl called Net::SSLeay. It has
> >>>> a more complete SSL interface and can be used for web client
> >>>> programming among other things but doesn't directly support LWP.
> >>>>
> >>>> The underlying SSL support in all of these modules is based on OpenSSL
> >>>> <http://www.openssl.org/> (formerly SSLeay). For WWW-server side SSL
> >>>> support (e.g. CGI/FCGI scripts) in Apache see <http://www.modssl.org/
> >."
> >>>>
> >>>> Da uma olhada:
> >>>> Crypt::SSLeay  =>
> >>>> http://search.cpan.org/~dland/Crypt-SSLeay-0.57/SSLeay.pm
> >>>>
> >>>> *Eu não sei se é esse o problema*
> >>>>
> >>>> 2010/1/8 eutsiv :: Geovanny Junio <geovanny at eutsiv.com.br>:
> >>>> > Olá companheiros(as), tudo bem?
> >>>> > Estou trabalhando em um módulo para a NFSe, mas estou com problemas
> no
> >>>> > acesso ao webservice,
> >>>> > segue o código:
> >>>> > $ENV{HTTPS_DEBUG} = 1;
> >>>> > # Client PKCS12 cert support
> >>>> > $ENV{HTTPS_PKCS12_FILE} = 'mycert.pfx';
> >>>> > $ENV{HTTPS_PKCS12_PASSWORD} = 'mypass'';
> >>>> > my $userAgent = LWP::UserAgent->new();
> >>>> > my $request = HTTP::Request->new(POST =>
> >>>> > 'https://bhisshomologa.pbh.gov.br/bhiss-ws/nfse?wsdl');
> >>>> > $request->content($message);
> >>>> > $request->content_type("text/xml; charset=utf-8");
> >>>> > my $response = $userAgent->request($request);
> >>>> > if($response->code == 200) {
> >>>> > print $response->as_string;
> >>>> > }
> >>>> > else {
> >>>> > print $response->error_as_HTML;
> >>>> > }
> >>>> >
> >>>> >
> >>>> > Mas sempre o obtenho o seguinte erro:
> >>>> > SSL_connect:before/connect initialization
> >>>> > SSL_connect:SSLv3 write client hello A
> >>>> > SSL_connect:SSLv3 read server hello A
> >>>> > SSL_connect:SSLv3 read server certificate A
> >>>> > SSL_connect:SSLv3 read server key exchange A
> >>>> > SSL_connect:SSLv3 read server done A
> >>>> > SSL_connect:SSLv3 write client key exchange A
> >>>> > SSL_connect:SSLv3 write change cipher spec A
> >>>> > SSL_connect:SSLv3 write finished A
> >>>> > SSL_connect:SSLv3 flush data
> >>>> > SSL_connect:SSLv3 read finished A
> >>>> > <html>
> >>>> > <head><title>An Error Occurred</title></head>
> >>>> > <body>
> >>>> > <h1>An Error Occurred</h1>
> >>>> > <p>500 SSL read timeout: </p>
> >>>> > </body>
> >>>> > </html>
> >>>> > Já pesquisei, alterei o tempo de timeout, mas nada. Alguém sabe o
> >>>> > caminho
> >>>> > das pedras?
> >>>> > Desde já grato.
> >>>> > --
> >>>> > Geovanny Junio
> >>>> > Consultor de Tecnologia
> >>>> > geovanny (at) eutsiv.com.br
> >>>> > +55 31 9422-8885
> >>>> > +55 31 3393-9132
> >>>> > www.eutsiv.com.br
> >>>> >
> >>>> > Este e-mail pode conter informação privilegiada e confidencial. Se
> >>>> > você não
> >>>> > é destinatário da
> >>>> > mensagem, por favor apague a mensagem e comunique-nos o fato de
> >>>> > imediato.
> >>>> >
> >>>> > This e-mail contains information that may be
> >>>> > privileged and confidential. If you are not the intended recipient,
> >>>> > please
> >>>> > delete the e-mail and notify us immediately.
> >>>> >
> >>>> > _______________________________________________
> >>>> > SaoPaulo-pm mailing list
> >>>> > SaoPaulo-pm at pm.org
> >>>> > http://mail.pm.org/mailman/listinfo/saopaulo-pm
> >>>> >
> >>>>
> >>>>
> >>>>
> >>>> --
> >>>> If you’ve never written anything thoughtful, then you’ve never had any
> >>>> difficult, important, or interesting thoughts. That’s the secret:
> >>>> people who don’t write, are people who don’t think.
> >>>> _______________________________________________
> >>>> SaoPaulo-pm mailing list
> >>>> SaoPaulo-pm at pm.org
> >>>> http://mail.pm.org/mailman/listinfo/saopaulo-pm
> >>>
> >>>
> >>> _______________________________________________
> >>> SaoPaulo-pm mailing list
> >>> SaoPaulo-pm at pm.org
> >>> http://mail.pm.org/mailman/listinfo/saopaulo-pm
> >>
> >>
> >>
> >> --
> >> lorn at lornlab dot org
> >> Lindolfo "Lorn" Rodrigues
> >>
> >>
> >> _______________________________________________
> >> SaoPaulo-pm mailing list
> >> SaoPaulo-pm at pm.org
> >> http://mail.pm.org/mailman/listinfo/saopaulo-pm
> >
> >
> > _______________________________________________
> > SaoPaulo-pm mailing list
> > SaoPaulo-pm at pm.org
> > http://mail.pm.org/mailman/listinfo/saopaulo-pm
> >
>
>
>
> --
> "If you’ve never written anything thoughtful, then you’ve never had
> any difficult, important, or interesting thoughts. That’s the secret:
> people who don’t write, are people who don’t think."
> _______________________________________________
> SaoPaulo-pm mailing list
> SaoPaulo-pm at pm.org
> http://mail.pm.org/mailman/listinfo/saopaulo-pm
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pm.org/pipermail/saopaulo-pm/attachments/20100112/538511d2/attachment-0001.html>

More information about the SaoPaulo-pm mailing list