How to pass SSL options to SOAP::Lite in Perl

When trying to connect to a test SSL SOAP server with an invalid certificate, Perl is printing out this massive chunk of text:

*******************************************************************
 Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
 is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
 together with SSL_ca_file|SSL_ca_path for verification.
 If you really don't want to verify the certificate and keep the
 connection open to Man-In-The-Middle attacks please set
 SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************

It turns out that this is coming from IO::Socket::SSL (which would be a nice detail to include in the warning text, donchathink?), but I'm never referencing IO::Socket::SSL directly; it's only a dependency of SOAP::Lite somewhere down the chain. It seems like I should be able to pass options to it somehow, but none of the things I've tried seem to work.

Notably, setting IO::Socket::SSL's defaults using its set_defaults method doesn't resolve the warning.

How can I pass SSL options to IO::Socket::SSL when it's being used from SOAP::Lite?

There is 1 best solution below

First, setting IO::Socket::SSL's defaults doesn't get rid of the warning because the logic it uses to see if the warning needs to be printed out has to do with whether or not it's using its defaults.

I finally found, after a lot of time in the Perl debugger, that this invocation would work:

use SOAP::Lite;
my $soap = SOAP::Lite->proxy("https://example.com:443/soapuri", ssl_opts => [ SSL_verify_mode => 0 ] );

This ultimately tells it to call the ssl_opts method in LWP::UserAgent with the provided array (NOT hash) reference. (BTW, 0 is equivalent to IO::Socket::SSL::SSL_VERIFY_NONE.) Despite the way I've written it, note that the arguments to proxy are string-scalar, string-scalar, and array-ref to string-scalar and number-scalar.

Using the arguments to proxy may be the only way to pass this data on, despite other documentation.
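
The same proxy argument can carry the settings the warning asks for (SSL_VERIFY_PEER together with SSL_ca_file), which lets a test server with a self-signed or private-CA certificate be used without turning verification off. This is an added example, not part of the original answer; the CA file path is a hypothetical placeholder given on the command line, and the read-back through `$soap->transport->proxy` assumes the HTTP transport is an LWP::UserAgent subclass, as the answer describes.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use SOAP::Lite;
use IO::Socket::SSL;

# Build the ssl_opts list for a server whose certificate chains to a CA
# certificate held locally (for a self-signed test server, its own cert).
sub verified_ssl_opts {
    my ($ca_file) = @_;
    die "CA file '$ca_file' is missing or unreadable\n" unless -r $ca_file;
    return [
        verify_hostname => 1,    # LWP::UserAgent option: check the host name
        SSL_verify_mode => IO::Socket::SSL::SSL_VERIFY_PEER(),
        SSL_ca_file     => $ca_file,
    ];
}

# Hypothetical placeholder: path to the test CA, passed as first argument.
my $ca_file = shift @ARGV
    or die "usage: $0 /path/to/test-ca.pem\n";

# Same call shape as in the answer: ssl_opts takes an array reference,
# which is expanded into the arguments of LWP::UserAgent's ssl_opts method.
my $soap = SOAP::Lite->proxy(
    'https://example.com:443/soapuri',
    ssl_opts => verified_ssl_opts($ca_file),
);

# Read the settings back from the underlying user agent to confirm they
# arrived before any request is sent.
my $ua = $soap->transport->proxy;
printf "SSL_verify_mode=%s SSL_ca_file=%s\n",
    $ua->ssl_opts('SSL_verify_mode'), $ua->ssl_opts('SSL_ca_file');
```

With these options a certificate that does not chain to the given CA file, or whose name does not match the host, makes the request fail at the transport layer instead of being silently accepted.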