Hi all,
I need to post XML to a server via https, but I need to verify that the self-signed server certificate is correct before I push the XML (which contains sensitive information).
I'd prefer a perl solution, but there doesn't seem to be a CPAN solution that actually verifies the certificate - I thought Crypt::SSLeay would do it, but not in my testing ( http://perlmonks.org/?node_id=739072 )
I briefly looked at python (though I'm not sure if I can get any non-perl language installed on our production servers), but it looks like certificate validation isn't supported until version 2.6.0.
Perhaps I could shell out to something - wget seems to actually verify the peer certificate, but I'm not sure how to withhold the xml post until it's validated. Seems like this would take two wget requests: one to validate the certificate, and one to post the xml. This doesn't seem like the most secure solution to me (the second post could be hijacked).
Any tips?
Thanks