1

我正在尝试使用客户端计算机 SunOS 5.10 中的 perl 脚本连接到 webservice 服务器,但没有成功。

我正在使用 ActivePerl 5.8.8,以及其他一些已安装的库。我还安装了带有 cacertificates 依赖项的 libssl0_9_8。

请注意,负责服务器端 Web 服务的团队说我没有从他们那里管理任何证书。

我已经阅读了很多论坛,但我对这个问题没有明确的答案。我在我的脚本中使用以下内容:

use SOAP::Lite;
use SOAP::Lite +trace => 'all';
$ENV{HTTPS_DEBUG} = 1;
my $server = $conf->param("Server");
my $url = "https://$server:443/services";
my $service = SOAP::Lite->proxy("$url/service") or die $logger->error("Error: WebService $!");

当我启动我的脚本时,它会产生以下内容:

bash-3.2# ./GetTest.pl 
SOAP::Transport::new: ()
SOAP::Serializer::new: ()
SOAP::Deserializer::new: ()
SOAP::Parser::new: ()
SOAP::Lite::new: ()
SOAP::Transport::HTTP::Client::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Lite::call: ()
SOAP::Serializer::envelope: ()
SOAP::Serializer::envelope: getInterface SOAP::Data=HASH(0x1003e0c) SOAP::Data=HASH(0x1003b18) SOAP::Data=HASH(0x1003bd8) SOAP::Data=HASH(0x1003ce0)
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Data::new: ()
SOAP::Transport::HTTP::Client::send_receive: HTTP::Request=HASH(0x100368c)
SOAP::Transport::HTTP::Client::send_receive: POST https://<SERVER>:443/axis2/services/Service HTTP/1.1
Accept: text/xml
Accept: multipart/*
Accept: application/soap
Content-Length: 875
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://...#getInterface"
...
SSL_connect:before/connect initialization
SSL_connect:SSLv2/v3 write client hello A
SSL3 alert read:fatal:handshake failure
SSL_connect:error in SSLv2/v3 read server hello A
SSL_connect:before/connect initialization
SSL_connect:SSLv3 write client hello A
SSL3 alert write:fatal:handshake failure
SSL_connect:error in SSLv3 read server hello A
SSL_connect:before/connect initialization
SSL_connect:SSLv2 write client hello A
SSL_connect:failed in SSLv2 read server hello A
SOAP::Transport::HTTP::Client::send_receive: HTTP::Response=HASH(0x77c3e8)
SOAP::Transport::HTTP::Client::send_receive: 500 SSL negotiation failed:
Content-Type: text/plain
Client-Date: Mon, 09 Mar 2015 10:27:04 GMT
Client-Warning: Internal response

500 SSL negotiation failed:
SOAP::Deserializer::deserialize: ()
SOAP::Parser::decode: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Transport::HTTP::Client::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Transport::DESTROY: ()
SOAP::Serializer::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Data::DESTROY: ()
SOAP::Deserializer::DESTROY: ()
SOAP::Parser::DESTROY: ()
SOAP::Lite::DESTROY: ()

请注意,某些输出已被隐藏。

如果您需要帮助我解决问题,我很乐意为您提供更多信息。

编辑 :

我已经使用 openssl 实用程序测试了与服务器的连接,它似乎有效:

bash-3.2# openssl s_client -connect <server>:443 -tls1
CONNECTED(00000004)
depth=1 /C=FR/ST=Alpes-Maritimes/...
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
...
---
Server certificate
-----BEGIN CERTIFICATE-----
MIICcjCCAds...
-----END CERTIFICATE-----
...
---
No client certificate CA names sent
---
SSL handshake has read 1886 bytes and written 260 bytes
---
New, TLSv1/SSLv3, Cipher is ...
Server public key is 1024 bit
Secure Renegotiation IS NOT supported
SSL-Session:
    Protocol  : TLSv1
    Cipher    : ...
    Verify return code: 19 (self signed certificate in certificate chain)
---

我们可以看到我必须使用 TLSv1/SSLv3 才能使其工作。请注意,我已经用较低版本测试了此命令,但它不起作用。

我能做些什么 ?将 ActivePerl 升级到 5.20 以考虑支持 TLSv1 的新特定库?还是其他人?

提前致谢,

4

0 回答 0