For a more specific answer, we'd need to know how you are instantiating your LWP object.
But what you probably need to know about is the SSL_ca_file
and SSL_ca_path
options for ssl_opts
in the LWP constructor. Without one of these set, it assumes the Mozilla_CA is the CA to to use to verify websites.
See LWP::Protocol::https
And LWP::UserAgent, ssl_opts
constructor option.
If you are using something like lwp-download and not actually instantiating the LWP::UserAgent object yourself, then you need to set the PERL_LWP_SSL_CA_FILE
environment variable to point to your certificate authority or set PERL_LWP_SSL_CA_PATH
to your CA path. You can just set these instead of passing in to ssl_opts
as well.
If you aren't particularly worried about doing all this verification and like to live dangerously, you can set verify_hostname => 0
for ssl_opts
or set PERL_LWP_VERIFY_HOSTNAME
environment variable to 0.
And as noted in the documentation, LWP 5.837 and earlier had verify_hostname
off by default, whereas later versions default to it being on