I recently needed to authenticate to a remote API using an SSL client certificate, and had a bit of trouble getting LWP::UserAgent to work with it.
The examples I found which looked like they should work involved e.g.:
use LWP::UserAgent;
my $ua = LWP::UserAgent->new(
ssl_opts => {
SSL_use_cert => 1,
SSL_cert_file => "/path/to/clientcert.crt",
SSL_key_file => "/path/to/privatekey.key",
},
);
However, that didn’t work; changing the paths to the cert/key to non-existent files didn’t cause any difference, so I suspected that those options were actually being ignored.
After a fair bit of digging, the option I found that actually worked was loading Net::SSL first, to make LWP use Net::SSLeay, and setting env vars to the client cert to use:
use Net::SSL;
use LWP::UserAgent;
$ENV{HTTPS_CERT_FILE} = "/path/to/clientcert.crt";
$ENV{HTTPS_KEY_FILE} = "/path/to/privatekey.key";
my $ua = LWP::UserAgent->new();
This, to me, is pretty icky – I’d much rather pass config to affect just that single LWP object. However, it gets it working.