I need to post XML to a server via https, but I need to verify that the self-signed server certificate is correct before I push the XML (which contains sensitive information).
I’d prefer a perl solution, but there doesn’t seem to be a CPAN solution that actually verifies the certificate – I thought Crypt::SSLeay would do it, but not in my testing ( http://perlmonks.org/?node_id=739072 )
I briefly looked at python (though I’m not sure if I can get any non-perl language installed on our production servers), but it looks like certificate validation isn’t supported until version 2.6.0.
Perhaps I could shell out to something – wget seems to actually verify the peer certificate, but I’m not sure how to withhold the xml post until it’s validated. Seems like this would take two wget requests: one to validate the certificate, and one to post the xml. This doesn’t seem like the most secure solution to me (the second post could be hijacked).
Any tips?
Thanks
You should use cURL, not wget. cURL supports peer certificate verification.
You can shell out and execute cURL on the command line, or use the Perl library; WWW::curl.
http://curl.online-mirror.de/docs/sslcerts.html
Good Luck!