
Perl SSL_verify_mode warning


Got some code (a simple REST API query) migrated from an old Linux machine to a new Linux machine where Perl modules have been installed in an unknown way.

Using the following modules:

    use JSON;
    use REST::Client;
    use Data::Dumper;
    use MIME::Base64;
    use LWP::UserAgent;
    use Date::Calc qw(:all);
    use Getopt::Long;

And having $ENV{'PERL_LWP_SSL_VERIFY_HOSTNAME'} = 0;

Got this warning message when executing the script (but it works):

*******************************************************************
 Using the default of SSL_verify_mode of SSL_VERIFY_NONE for client
 is deprecated! Please set SSL_verify_mode to SSL_VERIFY_PEER
 possibly with SSL_ca_file|SSL_ca_path for verification.
 If you really don't want to verify the certificate and keep the
 connection open to Man-In-The-Middle attacks please set
 SSL_verify_mode explicitly to SSL_VERIFY_NONE in your application.
*******************************************************************
  at /usr/share/perl5/LWP/Protocol/http.pm line 31.

Browsing the internet leads me to the IO::Socket::SSL module, but it is the same version as on the older Linux (1.94).

LWP::UserAgent version is 6.05

So what would be the best way to avoid this nagging message?


Solution

  • As specified in the documentation for REST::Client, just pass a custom user agent to the constructor, like so:

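    use IO::Socket::SSL;    # exports the SSL_VERIFY_PEER constant used below
    use LWP::UserAgent;
    use REST::Client;

    my $ua = LWP::UserAgent->new;

    # Verify the server certificate against the given CA bundle.
    $ua->ssl_opts(
        SSL_verify_mode => SSL_VERIFY_PEER,
        SSL_ca_file     => '/path/to/ca_cert.pem'
    );

    # Hand the configured user agent to REST::Client.
    my $client = REST::Client->new({
        host      => 'https://your.internal.resource',
        useragent => $ua
    });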
    

    But, as noted in the comments (thanks @Steffen Ullrich), you should really update your LWP::UserAgent and IO::Socket::SSL dists; then you wouldn't have to do any of this.
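
An added example, not part of the original question or answer: a script that lists the version and on-disk path of each TLS-related module Perl actually loads, then prints the verification settings of a user agent built with the question's `PERL_LWP_SSL_VERIFY_HOSTNAME = 0` beside one configured as in the answer. The helper names `module_report` and `verify_report` are hypothetical, the CA path is the answer's placeholder, and no network request is made.

```perl
#!/usr/bin/perl
# Added example: show which TLS modules Perl loads and what certificate
# checks an LWP::UserAgent will apply, without making any network request.
use strict;
use warnings;
use LWP::UserAgent;
use IO::Socket::SSL;    # exports SSL_VERIFY_NONE and SSL_VERIFY_PEER

# Version and on-disk path of each module involved in the warning.
sub module_report {
    my @rows;
    for my $mod (qw(LWP::UserAgent LWP::Protocol::https IO::Socket::SSL Net::SSLeay)) {
        (my $file = "$mod.pm") =~ s{::}{/}g;
        my $ok = eval { require $file; 1 };
        push @rows, sprintf '%-22s %-10s %s', $mod,
            $ok ? ($mod->VERSION // 'unknown') : 'missing',
            $ok ? $INC{$file} : '-';
    }
    return @rows;
}

# Effective verification settings held by a user agent object.
sub verify_report {
    my ($ua) = @_;
    my $mode = $ua->ssl_opts('SSL_verify_mode');
    my $mode_name = !defined $mode            ? 'unset (library default applies)'
                  : ($mode & SSL_VERIFY_PEER) ? 'SSL_VERIFY_PEER'
                  :                             'SSL_VERIFY_NONE';
    return sprintf 'verify_hostname=%d SSL_verify_mode=%s SSL_ca_file=%s',
        $ua->ssl_opts('verify_hostname') ? 1 : 0, $mode_name,
        $ua->ssl_opts('SSL_ca_file') // 'unset';
}

# Weak: the question's environment setting, applied only inside this block.
my $weak = do {
    local $ENV{PERL_LWP_SSL_VERIFY_HOSTNAME} = 0;
    LWP::UserAgent->new;
};

# Corrected: explicit peer and hostname verification.
my $strict = LWP::UserAgent->new(ssl_opts => {
    verify_hostname => 1,
    SSL_verify_mode => SSL_VERIFY_PEER,
    SSL_ca_file     => '/path/to/ca_cert.pem',    # placeholder path from the answer
});

print "$_\n" for module_report();
print 'weak:   ', verify_report($weak),   "\n";
print 'strict: ', verify_report($strict), "\n";
```

Running it on both the old and the new machine shows whether the two hosts really load the same module files and versions.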