I am using HPE MSA 1040, and trying to configure the storage server MSA 1040 via CLI by using a Perl script. I took the Perl code from HPE MSA 1040/2040 CLI Reference Guide page 17, which I have a problem of SSL login:
use LWP::UserAgent; use Digest::MD5 qw(md5_hex); use XML::LibXML; use IO::Socket::SSL qw(debug3); my $md5_data = "manage_!manage"; my $md5_hash = md5_hex( $md5_data ); # Create a user agent for sending https requests and generate a request object. $user_agent = LWP::UserAgent->new( ); $url = 'https://msa1040_ip_address/api/login/' . $md5_hash; # Create a user agent for sending https requests and generate a request object. $request = HTTP::Request->new( GET => $url ); # Send the request object to the system. The response will be returned. $response = $user_agent->request($request);
I couldn't establish an SSL connection, as can be seen from the debug messages:
DEBUG: .../IO/Socket/SSL.pm:2755: new ctx 48462496 DEBUG: .../IO/Socket/SSL.pm:624: socket not yet connected DEBUG: .../IO/Socket/SSL.pm:626: socket connected DEBUG: .../IO/Socket/SSL.pm:648: ssl handshake not started DEBUG: .../IO/Socket/SSL.pm:684: not using SNI because hostname is unknown DEBUG: .../IO/Socket/SSL.pm:716: request OCSP stapling DEBUG: .../IO/Socket/SSL.pm:737: set socket to non-blocking to enforce timeout=180 DEBUG: .../IO/Socket/SSL.pm:750: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:753: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:763: ssl handshake in progress DEBUG: .../IO/Socket/SSL.pm:773: waiting for fd to become ready: SSL wants a read first DEBUG: .../IO/Socket/SSL.pm:793: socket ready, retrying connect DEBUG: .../IO/Socket/SSL.pm:750: call Net::SSLeay::connect DEBUG: .../IO/Socket/SSL.pm:2656: did not get stapled OCSP response DEBUG: .../IO/Socket/SSL.pm:2609: ok=0 [0] /C=US/ST=CO/O=HP/OU=MSA-Storage/CN=172.22.1.190/C=US/ST=CO/O=HP/OU=MSA-Storage/CN=172.22.1.190 DEBUG: .../IO/Socket/SSL.pm:753: done Net::SSLeay::connect -> -1 DEBUG: .../IO/Socket/SSL.pm:756: SSL connect attempt failed DEBUG: .../IO/Socket/SSL.pm:756: local error: SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed DEBUG: .../IO/Socket/SSL.pm:759: fatal SSL error: SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed DEBUG: ...18.2/Net/HTTPS.pm:69: ignoring less severe local error 'IO::Socket::IP configuration failed', keep 'SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed' DEBUG: .../IO/Socket/SSL.pm:2777: free ctx 48462496 open=48462496 DEBUG: .../IO/Socket/SSL.pm:2782: free ctx 48462496 callback DEBUG: .../IO/Socket/SSL.pm:2789: OK free ctx 48462496
Note the error:
SSL connect attempt failed error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
What did I do wrong here? It's the code that I took from the example provided by HPE, and yet it doesn't work. I am using Perl v5.18.2 (from a Debian Trusty).