Menu
Perl's Mojolicious supports Server Name Identification (SNI), which some web servers use to host several sites with one HTTPS certificate. I'm working on a system that's not set up to use this, and googling a bit doesn't turn up anything that makes the process clear and the various parts apparent. The StackOverflow question Perl LWP GET or POST to an SNI SSL URL mentions a few things.
So, what's everything I need to do?
264
First, it's not Mojolicious (or LWP or whatever) that supports SNI. It's IO::Socket::SSL, but not really, because it's Net::SSLeay, but not really because it's your version of openssl.
--prefix option to configure to install it in a fresh directory so you don't disturb what you already have and on which other things depend.You can find this info by looking in the Changes file for each module, but while we're here, let's get Net::SSLeay sorted with it's not as simple as installing the module.
Some things you have to pay attention to:
Use the OPENSSL_PREFIX variable to tell cpan (and the stuff it runs) where to find the right openssl.
$ export OPENSSL_PREFIX=/usr/local/ssl
$ cpan Net::SSLeay IO::Socket::SSL
If you already have the latest Net::SSLeay but compiled against an older version of openssl, you can force install the module to recompile it even though cpan thinks its up-to-date:
$ cpan -f Net::SSLeay IO::Socket::SSL
IO::Socket::SSL has methods to check this (added in 1.84):
$ /usr/local/ssl/bin/openssl version
OpenSSL 1.0.1r 28 Jan 2016
$ perl -MIO::Socket::SSL -le 'print IO::Socket::SSL->VERSION'
2.024
$ perl -MIO::Socket::SSL -le 'print IO::Socket::SSL->can_client_sni'
1
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With