Skip to content
This repository was archived by the owner on May 7, 2021. It is now read-only.
This repository was archived by the owner on May 7, 2021. It is now read-only.

Failed to check website with self signed certificate #31

Open
Open
Failed to check website with self signed certificate#31
@cannotcodetm

Description

@cannotcodetm
cannotcodetm
opened on Apr 26, 2018

Hi,

I use your Webinject for my Icinga 2 check plugin and run in some trouble with a selfsigned certificate. The problem was located at LWP perl module which seems to be not able handling this type of certificate because it have no Root certificate for validation.

There are two solution first is ignoring certificate validation what not solve the cause of problem but make the plugin easy usable in a selfsign enviornment. Second solution is offering LWP the root certificate for validation.

So I will suggest implementing this feature to ignore or offer webinject certificates. Like:
webinject.pl -c config.xml testcases.xml --no_ssl_verify or
webinject.pl -c config.xml testscases.xml --ssl_cert /root/pki/certs/host.pem --ssl_key /root/pki/keys/host-key.pem

Code example:
This makes LWP ignoring the cert but I wish that webinject drop this line if I indicate it to do this with a switch or something:
$useragent->ssl_opts(verify_hostname => 0);
And this makes LWP using certificates here same with a switch and passing the paths

$useragent->ssl_opts => {
        SSL_use_cert => 1,
        SSL_cert_file   => "/path/to/clientcert.crt",
        SSL_key_file    => "/path/to/privatekey.key",
    },

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions