Loading ...
Sorry, an error occurred while loading the content.

Re: [soaplite] SOAP::Transport::HTTP::Daemon::SSL ???

Expand Messages
  • Bryce Harrington
    For my project, we ve got a similar need, but it appears that because Perl lacks decent certificate management, ssl can t be used in daemon mode. We d be
    Message 1 of 9 , Dec 1, 2004
    • 0 Attachment
      For my project, we've got a similar need, but it appears that because
      Perl lacks decent certificate management, ssl can't be used in daemon
      mode.

      We'd be interested in collaborating with others to try to get this issue
      solved.

      Bryce

      On Wed, 1 Dec 2004, laurentf_ml wrote:
      > Hello,
      >
      > I would like to write a little stand-alone soap server, which is very
      > easy with SOAP::Transport::HTTP::Daemon, but, for security reasons, I
      > would like to use HTTPS instead of HTTP.
      >
      > Is something like this possible (whithout apache) ?
      >
      > regards,
      > Laurent F.
      >
      >
      >
      >
      >
      >
      >
      > Yahoo! Groups Links
      >
      >
      >
      >
      >
      >
      >
    • Bryce Harrington
      Check this out... http://johnbokma.com/perl/https.html
      Message 2 of 9 , Dec 1, 2004
      • 0 Attachment
        Check this out...

        http://johnbokma.com/perl/https.html

        On Wed, 1 Dec 2004, Bryce Harrington wrote:
        > For my project, we've got a similar need, but it appears that because
        > Perl lacks decent certificate management, ssl can't be used in daemon
        > mode.
        >
        > We'd be interested in collaborating with others to try to get this issue
        > solved.
        >
        > Bryce
        >
        > On Wed, 1 Dec 2004, laurentf_ml wrote:
        > > Hello,
        > >
        > > I would like to write a little stand-alone soap server, which is very
        > > easy with SOAP::Transport::HTTP::Daemon, but, for security reasons, I
        > > would like to use HTTPS instead of HTTP.
        > >
        > > Is something like this possible (whithout apache) ?
        > >
        > > regards,
        > > Laurent F.
        > >
        > >
        > >
        > >
        > >
        > >
        > >
        > > Yahoo! Groups Links
        > >
        > >
        > >
        > >
        > >
        > >
        > >
        >
        >
      • laurentf_ml
        ... because ... daemon ... issue ... Hello Bryce, I m happy to learn that I m not alone :-) here are the results of my searchs done before posting here :
        Message 3 of 9 , Dec 2, 2004
        • 0 Attachment
          > For my project, we've got a similar need, but it appears that
          because
          > Perl lacks decent certificate management, ssl can't be used in
          daemon
          > mode.
          >
          > We'd be interested in collaborating with others to try to get this
          issue
          > solved.

          Hello Bryce,

          I'm happy to learn that I'm not alone :-)

          here are the results of my searchs done before posting here :

          http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
          .2/lib/Net/HTTPServer.pm

          which has this interesting option :

          ssl => 0|1 - Run a secure server using SSL. You must
          specify ssl_key, ssl_cert, and ssl_ca if
          set this to 1.
          ( Default: 0 )


          (but how to do the "glue" with Soaplite ?)

          and

          http://search.cpan.org/~behroozi/HTTP-Daemon-SSL-1.01/SSL.pm

          by looking in Soaplite source code, I ask myself if this one couldn't
          be added in HTTP.pm ( as a "SOAP::Transport::HTTP::Daemon::SSL" )



          ... but it's probably beyond my perl capabilities !


          regards,
          Laurent F.



          > Bryce
          >
          > On Wed, 1 Dec 2004, laurentf_ml wrote:
          > > Hello,
          > >
          > > I would like to write a little stand-alone soap server, which is
          very
          > > easy with SOAP::Transport::HTTP::Daemon, but, for security
          reasons, I
          > > would like to use HTTPS instead of HTTP.
          > >
          > > Is something like this possible (whithout apache) ?
          > >
          > > regards,
          > > Laurent F.
        • Hostile
          I think it should be possible in theory to do a https server with certificates. I did some reading into it a few months back. I soon decided I would rather
          Message 4 of 9 , Dec 2, 2004
          • 0 Attachment
            I think it should be possible in theory to do a https server with
            certificates. I did some reading into it a few months back. I soon
            decided I would rather use Apache and that I would not put a perl
            based service facing the world.

            If you read into the transport stuff, you can write your own. I
            suspect you can use HTTP::Daemon::SSL and somehow set the certificate
            values etc either by passing the right arguements when creating the
            object or by setting %ENV variables (prolly something do to with
            Crypt::SSLeay).

            I have the Orielly book, that gave me some ideas. Its been too long
            since I looked at this but if it is of any use I have attached some
            code I played with.

            The code I have attached, I just copied the HTTP transport and
            replaced HTTP::Daemon with HTTP::Daemon::SSL

            HTTP::Daemon::SSL does not fork for you, hence the prefork version
            also attached.

            Cheers :)

            Martin


            On Thu, 02 Dec 2004 08:57:42 -0000, laurentf_ml <laurentf_ml@...> wrote:
            >
            >
            >
            >
            > > For my project, we've got a similar need, but it appears that
            > because
            > > Perl lacks decent certificate management, ssl can't be used in
            > daemon
            > > mode.
            > >
            > > We'd be interested in collaborating with others to try to get this
            > issue
            > > solved.
            >
            > Hello Bryce,
            >
            > I'm happy to learn that I'm not alone :-)
            >
            > here are the results of my searchs done before posting here :
            >
            > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
            > .2/lib/Net/HTTPServer.pm
            >
            > which has this interesting option :
            >
            > ssl => 0|1 - Run a secure server using SSL. You must
            > specify ssl_key, ssl_cert, and ssl_ca if
            > set this to 1.
            > ( Default: 0 )
            >
            > (but how to do the "glue" with Soaplite ?)
            >
            > and
            >
            > http://search.cpan.org/~behroozi/HTTP-Daemon-SSL-1.01/SSL.pm
            >
            > by looking in Soaplite source code, I ask myself if this one couldn't
            > be added in HTTP.pm ( as a "SOAP::Transport::HTTP::Daemon::SSL" )
            >
            > ... but it's probably beyond my perl capabilities !
            >
            > regards,
            > Laurent F.
            >
            >
            >
            >
            > > Bryce
            > >
            > > On Wed, 1 Dec 2004, laurentf_ml wrote:
            > > > Hello,
            > > >
            > > > I would like to write a little stand-alone soap server, which is
            > very
            > > > easy with SOAP::Transport::HTTP::Daemon, but, for security
            > reasons, I
            > > > would like to use HTTPS instead of HTTP.
            > > >
            > > > Is something like this possible (whithout apache) ?
            > > >
            > > > regards,
            > > > Laurent F.
            >
            >
            > Yahoo! Groups Links
            >
            >
            >
            >
            >
          • Bryce Harrington
            ... Yeah I had scanned through the entire archives of this list looking for an answer, and I was surprised to see the question asked a number of times
            Message 5 of 9 , Dec 2, 2004
            • 0 Attachment
              On Thu, 2 Dec 2004, laurentf_ml wrote:
              > I'm happy to learn that I'm not alone :-)

              Yeah I had scanned through the entire archives of this list looking for
              an answer, and I was surprised to see the question asked a number of
              times previously. Unfortunately I didn't spot a solid answer. It
              appears to be a still-unsolved problem.

              > here are the results of my searchs done before posting here :
              >
              > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
              > .2/lib/Net/HTTPServer.pm
              >
              > which has this interesting option :
              >
              > ssl => 0|1 - Run a secure server using SSL. You must
              > specify ssl_key, ssl_cert, and ssl_ca if
              > set this to 1.
              > ( Default: 0 )
              >
              >
              > (but how to do the "glue" with Soaplite ?)
              >
              > and
              >
              > http://search.cpan.org/~behroozi/HTTP-Daemon-SSL-1.01/SSL.pm
              >
              > by looking in Soaplite source code, I ask myself if this one couldn't
              > be added in HTTP.pm ( as a "SOAP::Transport::HTTP::Daemon::SSL" )
              >
              > ... but it's probably beyond my perl capabilities !

              Cool, I've passed this along to Kees, who has been looking into this a
              bit with me.

              For us the issue is just lack of sufficient time to research into what
              needs to be done. Coding it up (or explaining how to code it) should be
              straightforward. Kees, can you weigh in with your thoughts on what's
              needed for this?

              Bryce
            • Bryce Harrington
              ... Hi Laurent, We think we ve figured out how to handle the SSL capabilities. In our daemon we pass the following options into SOAP::Transport::HTTP::Daemon:
              Message 6 of 9 , Jan 6, 2005
              • 0 Attachment
                On Thu, 2 Dec 2004, laurentf_ml wrote:
                > > For my project, we've got a similar need, but it appears that
                > because
                > > Perl lacks decent certificate management, ssl can't be used in
                > daemon
                > > mode.
                > >
                > > We'd be interested in collaborating with others to try to get this
                > issue
                > > solved.
                >
                > Hello Bryce,
                >
                > I'm happy to learn that I'm not alone :-)
                >
                > here are the results of my searchs done before posting here :
                >
                > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
                > .2/lib/Net/HTTPServer.pm
                >

                Hi Laurent,

                We think we've figured out how to handle the SSL capabilities. In our
                daemon we pass the following options into SOAP::Transport::HTTP::Daemon:


                my %args;
                $args{'LocalPort'} = 8081;
                $args{'ReuseAddr'} = 1;
                $args{'Listen'} = 5;
                if ($opt_ssl) {
                $args{'SSL_key_file'} = $opt_ssl_key_file;
                $args{'SSL_cert_file'} = $opt_ssl_cert_file;
                }

                my $daemon = SOAP::Transport::HTTP::Daemon
                -> new ( %args )
                -> dispatch_to('WebService::TestSystem')
                -> options({compress_threshold => 10000})
                ;

                print "Contact to SOAP server at ", $daemon->url, "\n";
                $daemon->handle;


                Hope this helps,
                Bryce
              • h2ofaull
                Greetings, I m sure this is a straightforward problem, but I ve searched the soaplite archives, and 3 suggested books on the subject to no avail... and it
                Message 7 of 9 , Jan 11, 2005
                • 0 Attachment
                  Greetings,

                  I'm sure this is a straightforward problem, but I've searched the
                  soaplite archives, and 3 suggested books on the subject to no avail...
                  and it seems to be related to this thread.

                  The code posted previously appears to be the server-side of the SSL
                  certificate issue -- is there a simple solution for the client side?
                  I have the .CER certificate file, but I can't seem to "install" it or
                  figure out how to reference it in my client when I'm connecting to the
                  server.

                  Has anyone done this and could tell me how to reference or "install"
                  my certificate client-side for a HTTPS connection with need for a
                  certificate?

                  Again, I hope this is simple! Thanks for your time...
                  -brian


                  --- In soaplite@yahoogroups.com, Bryce Harrington <bryce@o...> wrote:
                  > On Thu, 2 Dec 2004, laurentf_ml wrote:
                  > > > For my project, we've got a similar need, but it appears that
                  > > because
                  > > > Perl lacks decent certificate management, ssl can't be used in
                  > > daemon
                  > > > mode.
                  > > >
                  > > > We'd be interested in collaborating with others to try to get
                  this
                  > > issue
                  > > > solved.
                  > >
                  > > Hello Bryce,
                  > >
                  > > I'm happy to learn that I'm not alone :-)
                  > >
                  > > here are the results of my searchs done before posting here :
                  > >
                  > > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
                  > > .2/lib/Net/HTTPServer.pm
                  > >
                  >
                  > Hi Laurent,
                  >
                  > We think we've figured out how to handle the SSL capabilities. In
                  our
                  > daemon we pass the following options into SOAP::
                  Transport::HTTP::Daemon:
                  >
                  >
                  > my %args;
                  > $args{'LocalPort'} = 8081;
                  > $args{'ReuseAddr'} = 1;
                  > $args{'Listen'} = 5;
                  > if ($opt_ssl) {
                  > $args{'SSL_key_file'} = $opt_ssl_key_file;
                  > $args{'SSL_cert_file'} = $opt_ssl_cert_file;
                  > }
                  >
                  > my $daemon = SOAP::Transport::HTTP::Daemon
                  > -> new ( %args )
                  > -> dispatch_to('WebService::TestSystem')
                  > -> options({compress_threshold => 10000})
                  > ;
                  >
                  > print "Contact to SOAP server at ", $daemon->url, "\n";
                  > $daemon->handle;
                  >
                  >
                  > Hope this helps,
                  > Bryce
                • h2ofaull
                  Sorry - to be clear, I have a new Certificate Authority (CA) certificate... I have installed this for my browser, but I think Perl isn t finding it. Thanks
                  Message 8 of 9 , Jan 12, 2005
                  • 0 Attachment
                    Sorry - to be clear, I have a new Certificate Authority (CA)
                    certificate... I have installed this for my browser, but I think Perl
                    isn't finding it.

                    Thanks again! :)

                    -brian


                    --- In soaplite@yahoogroups.com, "h2ofaull" <h2ofaull@y...> wrote:
                    >
                    > Greetings,
                    >
                    > I'm sure this is a straightforward problem, but I've searched the
                    > soaplite archives, and 3 suggested books on the subject to no avail...
                    > and it seems to be related to this thread.
                    >
                    > The code posted previously appears to be the server-side of the SSL
                    > certificate issue -- is there a simple solution for the client side?
                    > I have the .CER certificate file, but I can't seem to "install" it or
                    > figure out how to reference it in my client when I'm connecting to the
                    > server.
                    >
                    > Has anyone done this and could tell me how to reference or "install"
                    > my certificate client-side for a HTTPS connection with need for a
                    > certificate?
                    >
                    > Again, I hope this is simple! Thanks for your time...
                    > -brian
                    >
                    >
                    > --- In soaplite@yahoogroups.com, Bryce Harrington <bryce@o...> wrote:
                    > > On Thu, 2 Dec 2004, laurentf_ml wrote:
                    > > > > For my project, we've got a similar need, but it appears that
                    > > > because
                    > > > > Perl lacks decent certificate management, ssl can't be used in
                    > > > daemon
                    > > > > mode.
                    > > > >
                    > > > > We'd be interested in collaborating with others to try to get
                    > this
                    > > > issue
                    > > > > solved.
                    > > >
                    > > > Hello Bryce,
                    > > >
                    > > > I'm happy to learn that I'm not alone :-)
                    > > >
                    > > > here are the results of my searchs done before posting here :
                    > > >
                    > > > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
                    > > > .2/lib/Net/HTTPServer.pm
                    > > >
                    > >
                    > > Hi Laurent,
                    > >
                    > > We think we've figured out how to handle the SSL capabilities. In
                    > our
                    > > daemon we pass the following options into SOAP::
                    > Transport::HTTP::Daemon:
                    > >
                    > >
                    > > my %args;
                    > > $args{'LocalPort'} = 8081;
                    > > $args{'ReuseAddr'} = 1;
                    > > $args{'Listen'} = 5;
                    > > if ($opt_ssl) {
                    > > $args{'SSL_key_file'} = $opt_ssl_key_file;
                    > > $args{'SSL_cert_file'} = $opt_ssl_cert_file;
                    > > }
                    > >
                    > > my $daemon = SOAP::Transport::HTTP::Daemon
                    > > -> new ( %args )
                    > > -> dispatch_to('WebService::TestSystem')
                    > > -> options({compress_threshold => 10000})
                    > > ;
                    > >
                    > > print "Contact to SOAP server at ", $daemon->url, "\n";
                    > > $daemon->handle;
                    > >
                    > >
                    > > Hope this helps,
                    > > Bryce
                  Your message has been successfully submitted and would be delivered to recipients shortly.