With LWP 6, you probably need Mozilla::CA

LWP 6 makes hostname verification the default -- so note this from LWP::UserAgent:

If hostname verification is requested, and neither SSL_ca_file nor SSL_ca_path is set, then SSL_ca_file is implied to be the one provided by Mozilla::CA. If the Mozilla::CA module isn't available SSL requests will fail. Either install this module, set up an alternative SSL_ca_file or disable hostname verification.

If you use LWP and want SSL, you need IO::Socket::SSL (recommended) and Mozilla::CA.

This entry was posted in perl programming and tagged , . Bookmark the permalink. Both comments and trackbacks are currently closed.


  1. Alexander Hartmaier
    Posted March 19, 2011 at 8:03 pm | Permalink

    The important thing that's missing in the changelog/pod is that IO::Socket::SSL is now preferred over Crypt::SSLeay if both are installed.
    This results in broken certificate authentication because for IO::Socket::SSL you have to pass the filenames in the new ssl_opts hash whereas Crypt::SSLeay uses env vars.
    I've stumbled over it the hard way last week but luckily found the ssl branch merge in the git repo.

  2. Posted May 26, 2012 at 4:54 am | Permalink

    This results in broken certificate authentication