Problem with HTTPS in LWP module in Perl

Björn Kautler
Tue Nov 6 10:58:00 GMT 2012


I think you have hit exactly the same problem than me as far as i can
tell from your output, though I didn't use lwp-request but
LWP::UserAgent, but I tried with lwp-request and it is the same. Let
me explain inline in your mail what I think happened during your

2012/11/1 Reini Urban <>:
> On Thu, Nov 1, 2012 at 1:22 PM, Reini Urban wrote:
>> On Thu, Nov 1, 2012 at 1:05 PM, Björn Kautler  wrote:
>>> I'm having a problem with https requests to
>>> "" in perl.
>>> Nothing was done at all, then I found out I need to install
>>> LWP::Protocol:https which I did with "cpan LWP::Protocol:https".
>>> Now according to Wireshark at least SSL communication is started.
>>> But after the "Client Hello" it just hangs until a timeout happens,
>>> waiting for the "Server Hello".
>>> With other HTTPS pages like "" it works fine.
>>> The exact same Perl script works fine under Ubuntu.
>>> The https request to the same page works fine with curl under cygwin.
>>> If I change the SSL socket class to Net::SSL instead of
>>> IO::Socket::SSL, it also hangs after the "Client Hello", but then
>>> retries with SSLv3 instead of TLSv1 according to Wireshark and this at
>>> least works a bit better though not completely.
>>> So I guess something is weird in the Cygwin port of IO::Socket::SSL. :-/
>> Probably, but I cannot reproduce it.
>> If it is, you need to file a ticket for this,
>> with some wireshark loggings and the exact request.
>> $ lwp-request
>> 501 Protocol scheme 'https' is not supported (LWP::Protocol::https not
>> installed)
>> $ cpan LWP::Protocol::https
>> ... (built and installed SULLR/IO-Socket-SSL-1.77.tar.gz,
>> GAAS/LWP-Protocol-https-6.03.tar.gz)
>>   /usr/bin/make install  -- OK
>> $ lwp-request -USed
>> GET
>> User-Agent: lwp-request/6.03 libwww-perl/6.04
>> 500 Can't connect to
>> Content-Type: text/plain
>> Client-Date: Thu, 01 Nov 2012 18:21:07 GMT
>> Client-Warning: Internal response

How long did this need from executing until error message?
I think this is the exact place where the error happens, also for you.
At least the output seems like that to me.

>> From debian:
>> $ lwp-request -USed
>> GET
>> User-Agent: lwp-request/5.834 libwww-perl/6.04
>> GET --> 500 Can't connect to
>> Content-Type: text/plain
>> Client-Date: Thu, 01 Nov 2012 18:18:49 GMT
>> Client-Warning: Internal response
>> $ lwp-request -USed
>> -> 200 OK
> I got a bit more information from some other version:
> $ perl5.14.3 -S lwp-request -USed
> User-Agent: lwp-request/5.834 libwww-perl/6.04
> GET --> 500 Can't connect to
> (Crypt-SSLeay can't verify hostnames)
> Content-Type: text/plain
> Client-Date: Thu, 01 Nov 2012 18:22:57 GMT
> Client-Warning: Internal response
> So I think it's on the application level, not the library. This is
> with Crypt::SSLeay 0.64.
> My Cygwin has 0.60, and debian had 0.58.
> See

I don't think this is more information but another case.
There are two SSL Socket classes that you can set.
lwp-request -USed" you get teh error 500
with "Crypt-SSLeay can't verify hostnames". If you use IO::Socket::SSL
like "PERL_NET_HTTPS_SSL_SOCKET_CLASS='IO::Socket::SSL' lwp-request
-USed" which seems to be the default on all
systems I tried on, you don't get the error with hostname
verification, but the timeout.
If I use Net::SSL as socket class and switch off hostname verification
with "PERL_LWP_SSL_VERIFY_HOSTNAME=0", I'm getting the very same
timeout I get with the other socket class, just that after the timeout
the library tries again with an SSLv3 client hello instead of an TLSv1
client hello and succeds.
But using curl shows that it should work with the TLSv1 client hello right away.
Just like I described in my original message already. :-)


Problem reports:
Unsubscribe info:

More information about the Cygwin mailing list