perl - How to use LWP with client cert and CA -

i curenttly have perl code drops out shell call curl talk end point certificates. works fine feel cheating in perl when escape shell , take easy option. below curl command using , works fine.

$soap_response = echo '$soap_request' | curl --cacert $self->{'server_cert'} --cert $self->{'client_cert'} -d '\@-' -h 'soapaction:urn:anonoutinop' $self->{'end_point'} -s | xmllint -format -;

i have ca file, , client file, both in pem format.

i have tried use lwp , net::ssl make communication purely in perl , rid of reliance on curl cannot life of me work.

i set enviroment net:ssl as

#set ssl envrioment net::ssl $env{https_debug} = 1; $env{https_cert_file} = $client_cert; $env{https_ca_file}   = $server_cert; $env{https_ca_dir}    = $certificate_dir; 

then send request as

my $ua = new lwp::useragent(); $request = http::request->new(post => $endpoint); $request->header(soapaction => '"query"'); $request->content($query); $request->content_type("text/xml; charset=utf-8");  $response = $ua->request($request); print $response->content,"\n"; 

the output when running is

ssl_connect:before/connect initialization ssl_connect:sslv2/v3 write client hello ssl_connect:sslv3 read server hello ssl_connect:sslv3 read server certificate ssl_connect:sslv3 read server key exchange ssl_connect:sslv3 read server certificate request ssl_connect:sslv3 read server done ssl_connect:sslv3 write client certificate ssl_connect:sslv3 write client key exchange ssl_connect:sslv3 write change cipher spec ssl_connect:sslv3 write finished ssl_connect:sslv3 flush data ssl_connect:sslv3 read finished <?xml version="1.0" encoding="utf-8"?><soapenv:envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/xmlschema" xmlns:xsi="http://www.w3.org/2001/xmlschema-instance"><soapenv:body><soapenv:fault><faultcode xmlns:ns1="http://xml.apache.org/axis/">ns1:http</faultcode><faultstring>(403)forbidden</faultstring><detail><ns2:hostname xmlns:ns2="http://xml.apache.org/axis/">hh0pgw01</ns2:hostname><ns3:httperrorcode xmlns:ns3="http://xml.apache.org/axis/">403</ns3:httperrorcode></detail></soapenv:fault></soapenv:body></soapenv:envelope> 

so seems exchanged ca file , happy host request being rejected 403 forbiden error, suspect client key not being exchanged request.

can me resolve issue or suggest may falling down.

so seems exchanged ca file , happy host request being rejected 403 forbiden error, suspect client key not being exchanged request.

it looks client sent certificate , server accepted it. because otherwise ssl handshake have failed , in case server not able send 403 or xml back. might server side application not associate necessary rights certificate have send, i.e. wrong certificate or server got misconfigured.

it might request wrong. when looking @ curl , lwp request looks me sending different headers relating soap.

apart looks using old version of lwp or explicitly force use of deprecated , insecure net::ssl/crypt::ssl backend. current versions of lwp (version>=6.0, i.e. within last 4 years) don't use net::ssl/crypt::ssleay instead use io::socket::ssl backend. configure use ssl_opts , relevant ssl options documented io::socket::ssl:

 lwp::useragent->new(..., ssl_opts => {       ssl_ca_path   => ... # directory ca, if file use ssl_ca_file       ssl_cert_file => ... # client site certificate       ssl_cert_key  => ... # key client site certificate  });