2 
my $smtp = Net::SMTP::SSL->new(
    'smtp.gmail.com',
    Port  => 465,
    Debug => 0,
);

生产,

*******************************************************************
 Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
 is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
 together with SSL_ca_file|SSL_ca_path for verification.
 If you really don't want to verify the certificate and keep the
 connection open to Man-In-The-Middle attacks please set
 SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************

编辑:

之后libnetIO::Socket::SSL升级到1.954构造函数静默失败。

这是Net::SMTP::SSL->new选项Debug

Net::SMTP::SSL>>> Net::SMTP::SSL(1.01)
Net::SMTP::SSL>>>   IO::Socket::SSL(1.954)
Net::SMTP::SSL>>>     IO::Socket::INET6(2.69)
Net::SMTP::SSL>>>       IO::Socket(1.34)
Net::SMTP::SSL>>>         IO::Handle(1.33)
Net::SMTP::SSL>>>           Exporter(5.67)
Net::SMTP::SSL>>>   Net::Cmd(2.30)

编辑2

C:\sb\w>echo -n | openssl s_client -connect smtp.gmail.com:465 | perl -lne"print
 if /^-----/.../^-----/" > smtp.gmail.com.crt.pem ; echo -n | openssl s_client -
CAfile smtp.gmail.com.crt.pem -connect smtp.gmail.com:465 > out.txt
Can't open ;: No such file or directory.
Can't open echo: No such file or directory.
Can't open -n: No such file or directory.
WARNING: can't open config file: z:/strawberry_libs/build/_wrk_2013Q1_.out/ssl/o
penssl.cnf
Loading 'screen' into random state -WARNING: can't open config file: z:/strawber
ry_libs/build/_wrk_2013Q1_.out/ssl/openssl.cnf
Loading 'screen' into random state - done
 done
depth=1 C = US, O = Google Inc, CN = Google Internet Authority
verify error:num=20:unable to get local issuer certificate
verify return:0
depth=1 C = US, O = Google Inc, CN = Google Internet Authority
verify error:num=20:unable to get local issuer certificate
verify return:0
DONE

出.txt

CONNECTED(00000160)
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
   i:/C=US/O=Google Inc/CN=Google Internet Authority
 1 s:/C=US/O=Google Inc/CN=Google Internet Authority
   i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
---
Server certificate
-----BEGIN CERTIFICATE-----
MIIDgDCCAumgAwIBAgIKVE1MdQABAACEMzANBgkqhkiG9w0BAQUFADBGMQswCQYD
VQQGEwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzEiMCAGA1UEAxMZR29vZ2xlIElu
dGVybmV0IEF1dGhvcml0eTAeFw0xMzA0MTUwODQ2MjNaFw0xMzEyMzExNTU4NTBa
MGgxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N
b3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMRcwFQYDVQQDEw5zbXRw
LmdtYWlsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqe8rG8fecywb
KiHKoED8Vxnre8OoviGR+gVA/LPLfUUaPcjnMxrdbeR+uEORE3Kk9hX+NeLyEzAV
jUBu+s7EX7jeb7OJeuL5sq1m5Vfv8E8mrcqTwjj8TpT2gtb5l/06P7FPlwP/gW2i
OtJPuXNGYIL/ijh63qaXrf2OTOezH5MCAwEAAaOCAVEwggFNMB0GA1UdJQQWMBQG
CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUV1wzjSdBZwXA9zhEwI7UUVBD
KJwwHwYDVR0jBBgwFoAUv8Aw6/VDET5nup6R+/xq2uNrEiQwWwYDVR0fBFQwUjBQ
oE6gTIZKaHR0cDovL3d3dy5nc3RhdGljLmNvbS9Hb29nbGVJbnRlcm5ldEF1dGhv
cml0eS9Hb29nbGVJbnRlcm5ldEF1dGhvcml0eS5jcmwwZgYIKwYBBQUHAQEEWjBY
MFYGCCsGAQUFBzAChkpodHRwOi8vd3d3LmdzdGF0aWMuY29tL0dvb2dsZUludGVy
bmV0QXV0aG9yaXR5L0dvb2dsZUludGVybmV0QXV0aG9yaXR5LmNydDAMBgNVHRMB
Af8EAjAAMBkGA1UdEQQSMBCCDnNtdHAuZ21haWwuY29tMA0GCSqGSIb3DQEBBQUA
A4GBAKjS8CA/bUmRKrBpheHj11xyzhSChF22FgdnfNA2BM4JRXbW80tzWdFNMgH4
YwFbtVz1k/0lkp/hMRt7X8K2h3KnFQlruYau13Hyx0792ZARWveEQdkZmRqMOp/o
Oy4c1myaShPRqDbL2URMV0yDoM/1oyqwKhMJpHQRBE8E9bLX
-----END CERTIFICATE-----
subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=smtp.gmail.com
issuer=/C=US/O=Google Inc/CN=Google Internet Authority
---
No client certificate CA names sent
---
SSL handshake has read 2110 bytes and written 444 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-RC4-SHA
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-RC4-SHA
    Session-ID: 005C0178613F508FD35C7FB31818B414403643D85FC82171ACB4C0A6A7F649DF
    Session-ID-ctx: 
    Master-Key: 6302D2B1419C17294A30492F7B78B79B2E1A00C1FEDE719A9FD9BE4532048B05CA7D862B76816296B049685BB81C0FB0
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    SRP username: None
    TLS session ticket lifetime hint: 100800 (seconds)
    TLS session ticket:
    0000 - af ea ad 41 15 64 9f 1f-13 03 2c 1e 70 70 f1 13   ...A.d....,.pp..
    0010 - 70 73 40 a0 e5 1f 05 d4-73 14 99 1d 56 e1 e7 27   ps@.....s...V..'
    0020 - 52 c2 36 dc c4 a3 b7 cc-49 4f 82 23 42 d3 f7 c2   R.6.....IO.#B...
    0030 - 3b 23 37 62 ad c5 a6 d5-d0 55 71 41 c7 17 98 46   ;#7b.....UqA...F
    0040 - 35 2e 7f 27 6e 35 9a e0-be ee 12 c1 31 6e f9 26   5..'n5......1n.&
    0050 - 89 7b 09 da da 5e c3 0d-0a 7c 14 9c c3 fb 73 b1   .{...^...|....s.
    0060 - d2 49 38 59 88 8a 23 52-52 8e 3c a3 de cd 9b 80   .I8Y..#RR.<.....
    0070 - 31 35 e4 79 06 68 6e e5-96 2f 88 e5 c6 2e 27 c0   15.y.hn../....'.
    0080 - d9 3d f3 d8 2e e8 de 3c-40 c8 34 1e 7b b9 97 cc   .=.....<@.4.{...
    0090 - 0e c4 43 33                                       ..C3

    Start Time: 1379686108
    Timeout   : 300 (sec)
    Verify return code: 20 (unable to get local issuer certificate)
---
220 mx.google.com ESMTP f49sm19719497eec.7 - gsmtp
4

1 回答 1

2

安装根证书SHA1 Fingerprint=D2:32:09:AD:23:D3:14:23:21:74:E4:0D:7F:9D:62:13:97:86:63:3A在哪里可以找到 OpenSSL它。

考虑从那个古老的模块切换到更现代的模块,例如Email::Sender::Transport::SMTP::TLSNet::SMTPS,它们使 SSL 设置可配置。

于 2013-09-22T20:37:50.807 回答