<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-GB" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi There,<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">I’m having a problem with mod_xml_curl on Windows (2008 R2) while attempting to curl requests/ responses over HTTPS.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">While running request over HTTP the curl works fine but simply switching to HTTPS causes the process to error. I’ve checked the IIS logs on our webserver and can see the requests are not arriving and running a packet trace on the Freeswitch
server it seems the request is not even leaving the server which points towards a configuration problem within freeswitch itself either within the Curl Config or something relating to OpenSSL.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Here is the error I receive from the Freeswitch logs:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">2012-02-27 22:50:14.284328 [ERR] mod_xml_curl.c:305 Received HTTP error 0 trying to fetch https://xxxx.xxxxxx-contact.com/FreeSwitchModXmlCurlServer/FreeswitchCurlServer.aspx<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">data: [hostname=DS_Freeswitch&section=directory&tag_name=domain&key_name=name&key_value=sipxxxx.xxxxxx--contact.com&Event-Name=REQUEST_PARAMS&Core-UUID=a474<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3447-f6f2-4dd7-b8c2-81df33cb533b&FreeSWITCH-Hostname=DS_Freeswitch&FreeSWITCH-Switchname=DS_Freeswitch&FreeSWITCH-IPv4=10.1.1.98&FreeSWITCH-IPv6=%3A%3A1&Eve<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">nt-Date-Local=2012-02-27%2022%3A50%3A14&Event-Date-GMT=Mon,%2027%20Feb%202012%2022%3A50%3A14%20GMT&Event-Date-Timestamp=1330383014284328&Event-Calling-File=<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">sofia_reg.c&Event-Calling-Function=sofia_reg_parse_auth&Event-Calling-Line-Number=2108&action=sip_auth&sip_profile=sipPhones&sip_user_agent=Yealink%20SIP-T2<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">2P%xxx.xxx.xxx.xxx%2000%3A15%3A65%3A22%3A24%3A29&sip_auth_username=1001&sip_auth_realm=sipxxxx.xxxxxx--contact.com&sip_auth_nonce=d0587e72-xxxx-4734-f391a5<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">54987f&sip_auth_uri=sip%3Asipxxxx.xxxxxx--contact.com&sip_contact_user=1001&sip_contact_host=87.194.173.226&sip_to_user=1001&sip_to_host=sipxxxx.xxxxxx--con<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">tact.com&sip_from_user=1001&sip_from_host=sipxxxx.xxxxxx--contact.com&sip_request_host=sipxxxx.xxxxxx--contact.com&sip_auth_qop=auth&sip_auth_cnonce=0a4f113<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">b&sip_auth_nc=00000004&sip_auth_response=418b5804263d3cbaa75e25beecdf5088&sip_auth_method=REGISTER&key=id&user=1001&domain=sipxxxx.xxxxxx--contact.com&ip=xxx.xxx.xxx.xxx]<o:p></o:p></span></i></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">The Xml_curl.conf.xml only has the Curl URL added with all other variables commented out so I wouldn’t expect anything in there to cause any problems.
<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This only leaves me with OpenSSL. Freeswitch was definitely built with OpenSSL however it seems some of the configuration for OpenSSL is default to Linux UNC paths.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">For example if I attempt to create TLS certificates from the command prompt I receive this error:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">C:\FreeSwitch>openssl req -new -out "careq.pem" -newkey rsa:1024 -keyout "cakey.pem" -config "tmpfile1.cfg" -nodes -sha1<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">WARNING: can't open config file:
<b>/usr/local/ssl/openssl.cnf<o:p></o:p></b></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">error on line -1 of tmpfile1.cfg<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:02001002:system library:fopen:No such file or directory:..\..\openssl-1.0.0a\crypto\bio\bss_file.c:163:fopen('<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:2006D080:BIO routines:BIO_new_file:no such file:..\..\openssl-1.0.0a\crypto\bio\bss_file.c:166:<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:0E078072:configuration file routines:DEF_LOAD:no such file:..\..\openssl-1.0.0a\crypto\conf\conf_def.c:197:<o:p></o:p></span></i></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">After calling the following to redirect open SSL to another version of the .cnf file it requires (installed from
<a href="http://www.openssl.org">www.openssl.org</a> )<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">set OPENSSL_CONF="C:\Program Files (x86)\GnuWin32\share\openssl.cfg"<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
<p class="MsoNormal"><i>The this eliminates the first error but ther sys library, Bio Routine and Configuration file routines errors still appear<o:p></o:p></i></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:02001002:system library:fopen:No such file or directory:..\..\openssl-1.0.0a\crypto\bio\bss_file.c:163:fopen('<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:2006D080:BIO routines:BIO_new_file:no such file:..\..\openssl-1.0.0a\crypto\bio\bss_file.c:166:<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><span style="color:#953735;mso-style-textfill-fill-color:#953735;mso-style-textfill-fill-alpha:100.0%">3568:error:0E078072:configuration file routines:DEF_LOAD:no such file:..\..\openssl-1.0.0a\crypto\conf\conf_def.c:197:<o:p></o:p></span></i></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
<p class="MsoNormal">Does anyone have any idea what the problem could be here? I could be looking in completely the wrong place for the answer here.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Any help, advice or direction would be greatly appreciated.<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Thanks<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Rob<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal"><i><o:p> </o:p></i></p>
</div>
</body>
</html>