We had a bit of trouble getting Perl’s World-Wide Web Library (LWP) to work through a Squid proxy when accessing HTTPS resources, but I narrowed it down. This small sample works for me:
#!/usr/bin/perl
# PROXY SUPPORT
$ENV{HTTPS_PROXY} = 'http://squid.example.com:3128';
# PROXY_BASIC_AUTH
$ENV{HTTPS_PROXY_USERNAME} = 'user';
$ENV{HTTPS_PROXY_PASSWORD} = 'pass';
# DEFAULT SSL VERSION
$ENV{HTTPS_VERSION} = '3';
# DEBUGGING SWITCH / LOW LEVEL SSL DIAGNOSTICS
$ENV{HTTPS_DEBUG} = 0;
# this must contain the CA's root cert
$ENV{HTTPS_CA_FILE} = '/shared/ca.crt';
# CLIENT PKCS12 CERT SUPPORT [untested]
$ENV{HTTPS_PKCS12_FILE} = 'certs/pkcs12.p12';
$ENV{HTTPS_PKCS12_PASSWORD} = 'PKCS12_PASSWORD';
use LWP::UserAgent;
my $ua = new LWP::UserAgent;
my $req = new HTTP::Request('GET', 'https://some.place.on.web/');
my $res = $ua->request($req);
print $res->code." " . $res->as_string . "\n";
If the CA_FILE
doesn’t contain the Certification Authority’s root
certificate, my version of squid complains that it cannot access the domain;
the error-message is wrong, but the intention is clear. In fact squid’s logs
show it trying to access itself. Just ensure you have the certificate in the
bundle.