.\" -*- mode: troff; coding: utf-8 -*- .\" Automatically generated by Pod::Man 5.01 (Pod::Simple 3.43) .\" .\" Standard preamble: .\" ======================================================================== .de Sp \" Vertical space (when we can't use .PP) .if t .sp .5v .if n .sp .. .de Vb \" Begin verbatim text .ft CW .nf .ne \\$1 .. .de Ve \" End verbatim text .ft R .fi .. .\" \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>. .ie n \{\ . ds C` "" . ds C' "" 'br\} .el\{\ . ds C` . ds C' 'br\} .\" .\" Escape single quotes in literal strings from groff's Unicode transform. .ie \n(.g .ds Aq \(aq .el .ds Aq ' .\" .\" If the F register is >0, we'll generate index entries on stderr for .\" titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index .\" entries marked with X<> in POD. Of course, you'll have to process the .\" output yourself in some meaningful fashion. .\" .\" Avoid warning from groff about undefined register 'F'. .de IX .. .nr rF 0 .if \n(.g .if rF .nr rF 1 .if (\n(rF:(\n(.g==0)) \{\ . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF .\" ======================================================================== .\" .IX Title "Net::Proxy::Connector::ssl 3pm" .TH Net::Proxy::Connector::ssl 3pm 2024-05-15 "perl v5.38.2" "User Contributed Perl Documentation" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l .nh .SH NAME Net::Proxy::Connector::ssl \- SSL Net::Proxy connector .SH DESCRIPTION .IX Header "DESCRIPTION" \&\f(CW\*(C`Net::Proxy::Connecter::ssl\*(C'\fR is a \f(CW\*(C`Net::Proxy::Connector\*(C'\fR that can manage SSL connections (thanks to \f(CW\*(C`IO::Socket::SSL\*(C'\fR). .PP By default, this connector creates SSL sockets. You will need to subclass it to create "smarter" connectors than can upgrade their connections to SSL. .PP In addition to the options listed below, this connector accepts all \&\f(CW\*(C`SSL_...\*(C'\fR options to \f(CW\*(C`IO::Socket::SSL\*(C'\fR. They are transparently passed through to the appropriate \f(CW\*(C`IO::Socket::SSL\*(C'\fR methods when needed. .SH "CONNECTOR OPTIONS" .IX Header "CONNECTOR OPTIONS" The connector accept the following options: .ie n .SS """in""" .el .SS \f(CWin\fP .IX Subsection "in" .IP host 4 .IX Item "host" The listening address. If not given, the default is \f(CW\*(C`localhost\*(C'\fR. .IP port 4 .IX Item "port" The listening port. .IP start_cleartext 4 .IX Item "start_cleartext" If true, the connection will start in cleartext. It is possible to upgrade a socket to using SSL with the \f(CWupgrade_SSL()\fR method. .ie n .SS """out""" .el .SS \f(CWout\fP .IX Subsection "out" .IP host 4 .IX Item "host" The listening address. If not given, the default is \f(CW\*(C`localhost\*(C'\fR. .IP port 4 .IX Item "port" The listening port. .IP start_cleartext 4 .IX Item "start_cleartext" If true, the connection will start in cleartext. It is possible to upgrade a socket to using SSL with the \f(CWupgrade_SSL()\fR method. .SH METHODS .IX Header "METHODS" The Net::Proxy::Connector::ssl connector has an extra method: .SS upgrade_SSL .IX Subsection "upgrade_SSL" .Vb 1 \& $connector\->upgrade_SSL( $sock ) .Ve .PP This method will upgrade a cleartext socket to SSL. If the socket is already in SSL, it will \f(CWcarp()\fR. .SH "CREATING A SELF-SIGNED CERTIFICATE" .IX Header "CREATING A SELF-SIGNED CERTIFICATE" I tend to forget this information, and the openssl documentation doesn't make this any clearer, so here are the most basic commands needed to create your own self-signed certificate (courtesy David Morel): .PP .Vb 2 \& $ openssl genrsa \-out key.pem 1024 \& $ openssl req \-new \-key key.pem \-x509 \-out cert.pem \-days 365 .Ve .PP A certificate is required is you want to run a SSL server or a proxy with a \f(CW\*(C`Net::Proxy::Connector::ssl\*(C'\fR as its \f(CW\*(C`in\*(C'\fR connector. .PP Once the key and certificate have been created, you can use them in your parameter list to \f(CW\*(C`Net::Proxy\->new()\*(C'\fR (they are passed through to \f(CW\*(C`IO::Socket::SSL\*(C'\fR): .PP .Vb 11 \& Net::Proxy\->new( \& { \& in => { \& host => \*(Aq0.0.0.0\*(Aq, \& port => 443, \& SSL_key_file => \*(Aqkey.pem\*(Aq, \& SSL_cert_file => \*(Aqcert.pem\*(Aq, \& }, \& out => { type => \*(Aqtcp\*(Aq, port => \*(Aq80\*(Aq } \& } \& ); .Ve .SH AUTHOR .IX Header "AUTHOR" Philippe 'BooK' Bruhat, \f(CW\*(C`\*(C'\fR. .SH COPYRIGHT .IX Header "COPYRIGHT" Copyright 2006\-2014 Philippe 'BooK' Bruhat, All Rights Reserved. .SH LICENSE .IX Header "LICENSE" This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.