Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

net::proxy::connector::ssl(3pm) [debian man page]

Net::Proxy::Connector::ssl(3pm) 			User Contributed Perl Documentation			   Net::Proxy::Connector::ssl(3pm)

NAME

       Net::Proxy::Connector::ssl - SSL Net::Proxy connector

DESCRIPTION

       "Net::Proxy::Connecter::ssl" is a "Net::Proxy::Connector" that can manage SSL connections (thanks to "IO::Socket::SSL").

       By default, this connector creates SSL sockets. You will need to subclass it to create "smarter" connectors than can upgrade their
       connections to SSL.

       In addition to the options listed below, this connector accepts all "SSL_..." options to "IO::Socket::SSL". They are transparently passed
       through to the appropriate "IO::Socket::SSL" methods when needed.

CONNECTOR OPTIONS

       The connector accept the following options:

   "in"
       o   host

	   The listening address. If not given, the default is "localhost".

       o   port

	   The listening port.

       o   start_cleartext

	   If true, the connection will start in cleartext.  It is possible to upgrade a socket to using SSL with the "upgrade_SSL()" method.

   "out"
       o   host

	   The listening address. If not given, the default is "localhost".

       o   port

	   The listening port.

       o   start_cleartext

	   If true, the connection will start in cleartext.  It is possible to upgrade a socket to using SSL with the "upgrade_SSL()" method.

METHODS

       The "Net::Proxy::Connector::ssl" connector has an extra method:

       upgrade_SSL( $sock )
	   This method will upgrade a cleartext socket to SSL.	If the socket is already in SSL, it will "carp()".

CREATING A SELF-SIGNED CERTIFICATE
       I tend to forget this information, and the openssl documentation doesn't make this any clearer, so here are the most basic commands needed
       to create your own self-signed certificate (courtesy David Morel):

	   $ openssl genrsa -out key.pem 1024
	   $ openssl req -new -key key.pem -x509 -out cert.pem -days 365

       A certificate is required is you want to run a SSL server or a proxy with a "Net::Proxy::Connector::ssl" as its "in" connector.

       Once the key and certificate have been created, you can use them in your parameter list to "Net::Proxy->new()" (they are passed through to
       "IO::Socket::SSL"):

	   Net::Proxy->new(
	       {
		   in => {
		       host	     => '0.0.0.0',
		       port	     => 443,
		       SSL_key_file  => 'key.pem',
		       SSL_cert_file => 'cert.pem',
		   },
		   out => { type => 'tcp', port => '80' }
	       }
	   );

AUTHOR

       Philippe 'BooK' Bruhat, "<book@cpan.org>".

COPYRIGHT

       Copyright 2006 Philippe 'BooK' Bruhat, All Rights Reserved.

LICENSE

       This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.

perl v5.10.1							    2009-10-18					   Net::Proxy::Connector::ssl(3pm)

Check Out this Related Man Page

Net::SSLGlue::SMTP(3pm) 				User Contributed Perl Documentation				   Net::SSLGlue::SMTP(3pm)

NAME

       Net::SSLGlue::SMTP - make Net::SMTP able to use SSL

SYNOPSIS

	       use Net::SSLGlue::SMTP;
	       my $smtp_ssl = Net::SMTP->new( $host,
		       SSL => 1,
		       SSL_ca_path => ...
	       );

	       my $smtp_plain = Net::SMTP->new( $host );
	       $smtp_plain->starttls( SSL_ca_path => ... );

DESCRIPTION

       Net::SSLGlue::SMTP extends Net::SMTP so one can either start directly with SSL or switch later to SSL using the STARTTLS command.

       By default it will take care to verify the certificate according to the rules for SMTP implemented in IO::Socket::SSL.

METHODS

       new The method "new" of Net::SMTP is now able to start directly with SSL when the argument "<SSL =" 1>> is given. In this case it will not
	   create an IO::Socket::INET object but an IO::Socket::SSL object. One can give the usual "SSL_*" parameter of IO::Socket::SSL to
	   "Net::SMTP::new".

       starttls
	   If the connection is not yet SSLified it will issue the STARTTLS command and change the object, so that SSL will now be used. The usual
	   "SSL_*" parameter of IO::Socket::SSL will be given.

       peer_certificate ...
	   Once the SSL connection is established the object is derived from IO::Socket::SSL so that you can use this method to get information
	   about the certificate. See the IO::Socket::SSL documentation.

       All of these methods can take the "SSL_*" parameter from IO::Socket::SSL to change the behavior of the SSL connection. The following
       parameters are especially useful:

       SSL_ca_path, SSL_ca_file
	   Specifies the path or a file where the CAs used for checking the certificates are located. This is typically "etc/ssl/certs" on UNIX
	   systems.

       SSL_verify_mode
	   If set to 0, verification of the certificate will be disabled. By default it is set to 1 which means that the peer certificate is
	   checked.

       SSL_verifycn_name
	   Usually the name given as the hostname in the constructor is used to verify the identity of the certificate. If you want to check the
	   certificate against another name you can specify it with this parameter.

SEE ALSO

       IO::Socket::SSL, Net::SMTP

COPYRIGHT

       This module is copyright (c) 2008, Steffen Ullrich.  All Rights Reserved.  This module is free software. It may be used, redistributed
       and/or modified under the same terms as Perl itself.

perl v5.14.2							    2012-04-06						   Net::SSLGlue::SMTP(3pm)
Man Page