Inspecting SSL cert returned via LWP request

Question

I'm requesting a web page using LWP in perl, and I'd like to be able to access the SSL certificate that the web server presents (I'm looking for an expiration date in the cert, among other things). The information I want isn't in the three headers that Crypt::SSLeay adds to the request. Is there a way that I'm overlooking with which I can get an object reference (ideally) for the SSL cert? I've scanned some perl docs and Google, but it's been a long week and I'm probably just not reading the right thing.

If I can avoid it, I don't want to directly fetch the certificate by making a separate raw SSL connection - since there's an authenticated web proxy in the way and LWP just makes that problem transparently dissapear for me. :) And it's silly to make two connections when the data I need is already being transferred to my machine /somewhere/...

Answer 1

None of the callbacks that LWP provides give (intentional) access to the socket, but there does seem to be one potential workaround -- if you provide the keep_alive and conn_cache options to LWP, at the end of the request LWP will call ->deposit on the conn_cache object with the connection socket as an argument. You could either write a dummy conn-cache object, or just "creatively" use the LWP::ConnCache that LWP provides.

Anyway, if you use that backhanded method to get a hold of the socket, it will be a subclass of Net::SSL (assuming you're using ssleay), so you'll be able to just call ->get_peer_certificate on it.