Perl “lwp-request” giving error 500 using TLS 1.2

坚强是说给别人听的谎言 提交于 2020-05-09 16:54:10

问题


We've been using a shipping API via our Unix server, specifically SCO Openserver 5.0.7, for a little over a year.

Our system generates XML files, sends them to the server using the lwp-request command, receives the response, interprets it, and processes it as needed by our system.

The exact command we use is:

lwp-request -m POST https://url.com < REQUESTFILE.XML > RESPONSEFILE.XML

The shipping company is upgrading all servers to require TLS 1.2, and now I get

500 SSL negotiation failed:

as a response when using this command.

I'm not sure how to go about making our system compatible.

  • Do I need to update Perl? (Current version is v5.8.8 built for i586-pc-sco3.2v5.0). If so, what is the minimum version to use TLS 1.2?

  • Do I need to update LWP? I believe my LWP version is 5.805 (got this using perl -MLWP -le "print(LWP->VERSION)")

  • Do I need to go into the lwp-request script and manually modify it?

  • Or is there perhaps another command that does an equivalent job using TLS 1.2?


回答1:


Given your very old version of Perl (5.8.8, where 5.8.9 was release 2008) and LWP (5.805, 5.806 was released 2007) on a very old OS (SCO OpenServer 5.0.7, last update around 2009) it is likely that you are also running a very old version of OpenSSL. TLS 1.2 was only specified in 2008 and got available in OpenSSL only with 1.0.1 which was released 03/2012, i.e. several years after any software updates to your system.

You can check it it with openssl version and my guess is that it says something about version 0.9.8, i.e. way too old.

To make TLS 1.2 work on this old system you would need to compile a newer version of OpenSSL (at least the latest 1.0.1) and rebuild the Perl modules interfacing with OpenSSL so that they use this new version. Depending on your setup this might be Crypt::SSLeay or Net::SSLeay. And given how old your system is it is not unlikely that you run in various problems with compiling simply because most don't expect that somebody tries to compile newer software on outdated systems. Thus it might just be easier to upgrade everything to a recent and supported OS instead of trying to fight with an old system.



来源:https://stackoverflow.com/questions/38272919/perl-lwp-request-giving-error-500-using-tls-1-2

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!