Loading ...
Sorry, an error occurred while loading the content.

Re: [soaplite] Re: SOAP::Transport::HTTP::Daemon::SSL ???

Expand Messages
  • Hostile
    I think it should be possible in theory to do a https server with certificates. I did some reading into it a few months back. I soon decided I would rather
    Message 1 of 9 , Dec 2, 2004
    View Source
    • 0 Attachment
      I think it should be possible in theory to do a https server with
      certificates. I did some reading into it a few months back. I soon
      decided I would rather use Apache and that I would not put a perl
      based service facing the world.

      If you read into the transport stuff, you can write your own. I
      suspect you can use HTTP::Daemon::SSL and somehow set the certificate
      values etc either by passing the right arguements when creating the
      object or by setting %ENV variables (prolly something do to with
      Crypt::SSLeay).

      I have the Orielly book, that gave me some ideas. Its been too long
      since I looked at this but if it is of any use I have attached some
      code I played with.

      The code I have attached, I just copied the HTTP transport and
      replaced HTTP::Daemon with HTTP::Daemon::SSL

      HTTP::Daemon::SSL does not fork for you, hence the prefork version
      also attached.

      Cheers :)

      Martin


      On Thu, 02 Dec 2004 08:57:42 -0000, laurentf_ml <laurentf_ml@...> wrote:
      >
      >
      >
      >
      > > For my project, we've got a similar need, but it appears that
      > because
      > > Perl lacks decent certificate management, ssl can't be used in
      > daemon
      > > mode.
      > >
      > > We'd be interested in collaborating with others to try to get this
      > issue
      > > solved.
      >
      > Hello Bryce,
      >
      > I'm happy to learn that I'm not alone :-)
      >
      > here are the results of my searchs done before posting here :
      >
      > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
      > .2/lib/Net/HTTPServer.pm
      >
      > which has this interesting option :
      >
      > ssl => 0|1 - Run a secure server using SSL. You must
      > specify ssl_key, ssl_cert, and ssl_ca if
      > set this to 1.
      > ( Default: 0 )
      >
      > (but how to do the "glue" with Soaplite ?)
      >
      > and
      >
      > http://search.cpan.org/~behroozi/HTTP-Daemon-SSL-1.01/SSL.pm
      >
      > by looking in Soaplite source code, I ask myself if this one couldn't
      > be added in HTTP.pm ( as a "SOAP::Transport::HTTP::Daemon::SSL" )
      >
      > ... but it's probably beyond my perl capabilities !
      >
      > regards,
      > Laurent F.
      >
      >
      >
      >
      > > Bryce
      > >
      > > On Wed, 1 Dec 2004, laurentf_ml wrote:
      > > > Hello,
      > > >
      > > > I would like to write a little stand-alone soap server, which is
      > very
      > > > easy with SOAP::Transport::HTTP::Daemon, but, for security
      > reasons, I
      > > > would like to use HTTPS instead of HTTP.
      > > >
      > > > Is something like this possible (whithout apache) ?
      > > >
      > > > regards,
      > > > Laurent F.
      >
      >
      > Yahoo! Groups Links
      >
      >
      >
      >
      >
    • Bryce Harrington
      ... Yeah I had scanned through the entire archives of this list looking for an answer, and I was surprised to see the question asked a number of times
      Message 2 of 9 , Dec 2, 2004
      View Source
      • 0 Attachment
        On Thu, 2 Dec 2004, laurentf_ml wrote:
        > I'm happy to learn that I'm not alone :-)

        Yeah I had scanned through the entire archives of this list looking for
        an answer, and I was surprised to see the question asked a number of
        times previously. Unfortunately I didn't spot a solid answer. It
        appears to be a still-unsolved problem.

        > here are the results of my searchs done before posting here :
        >
        > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
        > .2/lib/Net/HTTPServer.pm
        >
        > which has this interesting option :
        >
        > ssl => 0|1 - Run a secure server using SSL. You must
        > specify ssl_key, ssl_cert, and ssl_ca if
        > set this to 1.
        > ( Default: 0 )
        >
        >
        > (but how to do the "glue" with Soaplite ?)
        >
        > and
        >
        > http://search.cpan.org/~behroozi/HTTP-Daemon-SSL-1.01/SSL.pm
        >
        > by looking in Soaplite source code, I ask myself if this one couldn't
        > be added in HTTP.pm ( as a "SOAP::Transport::HTTP::Daemon::SSL" )
        >
        > ... but it's probably beyond my perl capabilities !

        Cool, I've passed this along to Kees, who has been looking into this a
        bit with me.

        For us the issue is just lack of sufficient time to research into what
        needs to be done. Coding it up (or explaining how to code it) should be
        straightforward. Kees, can you weigh in with your thoughts on what's
        needed for this?

        Bryce
      • Bryce Harrington
        ... Hi Laurent, We think we ve figured out how to handle the SSL capabilities. In our daemon we pass the following options into SOAP::Transport::HTTP::Daemon:
        Message 3 of 9 , Jan 6, 2005
        View Source
        • 0 Attachment
          On Thu, 2 Dec 2004, laurentf_ml wrote:
          > > For my project, we've got a similar need, but it appears that
          > because
          > > Perl lacks decent certificate management, ssl can't be used in
          > daemon
          > > mode.
          > >
          > > We'd be interested in collaborating with others to try to get this
          > issue
          > > solved.
          >
          > Hello Bryce,
          >
          > I'm happy to learn that I'm not alone :-)
          >
          > here are the results of my searchs done before posting here :
          >
          > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
          > .2/lib/Net/HTTPServer.pm
          >

          Hi Laurent,

          We think we've figured out how to handle the SSL capabilities. In our
          daemon we pass the following options into SOAP::Transport::HTTP::Daemon:


          my %args;
          $args{'LocalPort'} = 8081;
          $args{'ReuseAddr'} = 1;
          $args{'Listen'} = 5;
          if ($opt_ssl) {
          $args{'SSL_key_file'} = $opt_ssl_key_file;
          $args{'SSL_cert_file'} = $opt_ssl_cert_file;
          }

          my $daemon = SOAP::Transport::HTTP::Daemon
          -> new ( %args )
          -> dispatch_to('WebService::TestSystem')
          -> options({compress_threshold => 10000})
          ;

          print "Contact to SOAP server at ", $daemon->url, "\n";
          $daemon->handle;


          Hope this helps,
          Bryce
        • h2ofaull
          Greetings, I m sure this is a straightforward problem, but I ve searched the soaplite archives, and 3 suggested books on the subject to no avail... and it
          Message 4 of 9 , Jan 11, 2005
          View Source
          • 0 Attachment
            Greetings,

            I'm sure this is a straightforward problem, but I've searched the
            soaplite archives, and 3 suggested books on the subject to no avail...
            and it seems to be related to this thread.

            The code posted previously appears to be the server-side of the SSL
            certificate issue -- is there a simple solution for the client side?
            I have the .CER certificate file, but I can't seem to "install" it or
            figure out how to reference it in my client when I'm connecting to the
            server.

            Has anyone done this and could tell me how to reference or "install"
            my certificate client-side for a HTTPS connection with need for a
            certificate?

            Again, I hope this is simple! Thanks for your time...
            -brian


            --- In soaplite@yahoogroups.com, Bryce Harrington <bryce@o...> wrote:
            > On Thu, 2 Dec 2004, laurentf_ml wrote:
            > > > For my project, we've got a similar need, but it appears that
            > > because
            > > > Perl lacks decent certificate management, ssl can't be used in
            > > daemon
            > > > mode.
            > > >
            > > > We'd be interested in collaborating with others to try to get
            this
            > > issue
            > > > solved.
            > >
            > > Hello Bryce,
            > >
            > > I'm happy to learn that I'm not alone :-)
            > >
            > > here are the results of my searchs done before posting here :
            > >
            > > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
            > > .2/lib/Net/HTTPServer.pm
            > >
            >
            > Hi Laurent,
            >
            > We think we've figured out how to handle the SSL capabilities. In
            our
            > daemon we pass the following options into SOAP::
            Transport::HTTP::Daemon:
            >
            >
            > my %args;
            > $args{'LocalPort'} = 8081;
            > $args{'ReuseAddr'} = 1;
            > $args{'Listen'} = 5;
            > if ($opt_ssl) {
            > $args{'SSL_key_file'} = $opt_ssl_key_file;
            > $args{'SSL_cert_file'} = $opt_ssl_cert_file;
            > }
            >
            > my $daemon = SOAP::Transport::HTTP::Daemon
            > -> new ( %args )
            > -> dispatch_to('WebService::TestSystem')
            > -> options({compress_threshold => 10000})
            > ;
            >
            > print "Contact to SOAP server at ", $daemon->url, "\n";
            > $daemon->handle;
            >
            >
            > Hope this helps,
            > Bryce
          • h2ofaull
            Sorry - to be clear, I have a new Certificate Authority (CA) certificate... I have installed this for my browser, but I think Perl isn t finding it. Thanks
            Message 5 of 9 , Jan 12, 2005
            View Source
            • 0 Attachment
              Sorry - to be clear, I have a new Certificate Authority (CA)
              certificate... I have installed this for my browser, but I think Perl
              isn't finding it.

              Thanks again! :)

              -brian


              --- In soaplite@yahoogroups.com, "h2ofaull" <h2ofaull@y...> wrote:
              >
              > Greetings,
              >
              > I'm sure this is a straightforward problem, but I've searched the
              > soaplite archives, and 3 suggested books on the subject to no avail...
              > and it seems to be related to this thread.
              >
              > The code posted previously appears to be the server-side of the SSL
              > certificate issue -- is there a simple solution for the client side?
              > I have the .CER certificate file, but I can't seem to "install" it or
              > figure out how to reference it in my client when I'm connecting to the
              > server.
              >
              > Has anyone done this and could tell me how to reference or "install"
              > my certificate client-side for a HTTPS connection with need for a
              > certificate?
              >
              > Again, I hope this is simple! Thanks for your time...
              > -brian
              >
              >
              > --- In soaplite@yahoogroups.com, Bryce Harrington <bryce@o...> wrote:
              > > On Thu, 2 Dec 2004, laurentf_ml wrote:
              > > > > For my project, we've got a similar need, but it appears that
              > > > because
              > > > > Perl lacks decent certificate management, ssl can't be used in
              > > > daemon
              > > > > mode.
              > > > >
              > > > > We'd be interested in collaborating with others to try to get
              > this
              > > > issue
              > > > > solved.
              > > >
              > > > Hello Bryce,
              > > >
              > > > I'm happy to learn that I'm not alone :-)
              > > >
              > > > here are the results of my searchs done before posting here :
              > > >
              > > > http://search.cpan.org/~reatmon/Net-HTTPServer-1.0
              > > > .2/lib/Net/HTTPServer.pm
              > > >
              > >
              > > Hi Laurent,
              > >
              > > We think we've figured out how to handle the SSL capabilities. In
              > our
              > > daemon we pass the following options into SOAP::
              > Transport::HTTP::Daemon:
              > >
              > >
              > > my %args;
              > > $args{'LocalPort'} = 8081;
              > > $args{'ReuseAddr'} = 1;
              > > $args{'Listen'} = 5;
              > > if ($opt_ssl) {
              > > $args{'SSL_key_file'} = $opt_ssl_key_file;
              > > $args{'SSL_cert_file'} = $opt_ssl_cert_file;
              > > }
              > >
              > > my $daemon = SOAP::Transport::HTTP::Daemon
              > > -> new ( %args )
              > > -> dispatch_to('WebService::TestSystem')
              > > -> options({compress_threshold => 10000})
              > > ;
              > >
              > > print "Contact to SOAP server at ", $daemon->url, "\n";
              > > $daemon->handle;
              > >
              > >
              > > Hope this helps,
              > > Bryce
            Your message has been successfully submitted and would be delivered to recipients shortly.