[SR-Users] http_async_client problem with tls_ca_path

[gmele]

Hello,

I'm having strange behavior with the http_async_client module and https
connections. Our kamailio config use REST interfaces to send push to mobile
apps when calls are initiated. We also use a REST interface to register the
client in our push database (and then be able to use the info to send a
push). Our REST interface use TLS to cypher exchanged data between the SIP
registrar and the Pusher service.

We have configured the tls connection using modparam:

# ------ http async client params -------
modparam("http_async_client", "workers", 16)
modparam("http_async_client", "connection_timeout", 20000) # 20 seconds
timeout on HTTP requests
modparam("http_async_client", "hash_size", 2048) # update this value
depending of the load
#modparam("http_async_client", "curl_verbose", 1) # curl debug
modparam("http_async_client", "tls_ca_path", "/etc/kamailio/ssl/ca")


What we have noticed is when there is 1 SIP Register requests triggering and
HTTPS request all works fine, but as soon as we have several HTTPS request
in //, the HTTPS request fails with curl error 77: curl: (77) Problem with
the SSL CA cert (path? access rights?).

We tried to put the Root CA Path when building the request:

    $http_req(all) = $null;     # reset the parameters
    $http_req(method) = "POST";
    $http_req(hdr) = "authorization: "+$hdr(authorization);
    $http_req(hdr) = "Content-Type: application/json";
    $http_req(suspend) = 0;  # don't suspend the transaction, continue
routing script's execution
    $http_req(body) = "{ 'pushRegistration':{'callId':'" + $ci + "',
'fromUri':'" + $fU + "@" + $fd + "', 'contactLine':'" + $ct + "'}}";
    $http_req(tls_ca_path) = "/etc/kamailio/ssl/ca/";
    http_async_query("https://pusher:443/rest/push/register",
"HTTP_REGISTER_REPLY");

But we have exactly the same behavior. 

Does the http_async_client module supports muti-thread?

Regards


Giovanni



--
Sent from: http://sip-router.1086192.n5.nabble.com/Users-f3.html