I just rolled back to the 12/07 FS version and confirmed that mod_shout with SSL is working for me in that version...no complaints about the cert file<div><br><div>I'm speculating that the curl call in the 12/07 version is somehow referencing the CA file at /etc/ssl/certs/ca-certificates.crt , but is no longer referencing that file in the latest, and is trying to reference: /usr/local/freeswitch/share/curl/curl-ca-bundle.crt instead, which doesn't exist. </div>
<div><br></div><div>I guess I could put a sym link in there during my deployment process, but my question is: is this the appropriate way to handle the situation? Or should I be doing something different during the make and install? Or is there something I need to add to the FS configuration?</div>
<div><br></div><div>Thanks in advance!!</div><div>Matt</div><div><br><div class="gmail_quote">On Sat, Mar 3, 2012 at 11:53 AM, Matt Stockton <span dir="ltr"><<a href="mailto:mstockton@harqen.com">mstockton@harqen.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi all,<div><br></div><div>I just upgraded to the latest git, and I'm trying to dive into an issue I'm having. I am using mod_shout and in some instances am playing files that are hosted on web servers protected by https. This seemed to be working fine before I upgraded, but now I am getting the following issues, which is preventing the streaming of the files:</div>
<div><br></div><div><div>12-03-02 19:06:57.926919 [WARNING] mod_shout.c:468 CURL returned error:[77] problem with the SSL CA cert (path? access rights?) : error setting certificate verify locations:</div><div> CAfile: /usr/local/freeswitch/share/curl/curl-ca-bundle.crt</div>
<div> CApath: none</div></div><div><br></div><div>I looked at the code and the git history in mod_shout.c where it is setting all the curl options, nothing seems to have changed there since I last updated FS (12/07), however, the curl-ca-bundle file is certainly not located at /usr/local/freeswitch/share/curl/curl-ca-bundle.crt and never has been as far as I know.</div>
<div><br></div><div>I also looked at other mods that are using curl and where they are calling switch_curl_easy_setopt (mod_xml_curl, mod_httapi), and noticed that those mods are setting options that might be related to what I need? CURLOPT_SSLCERT</div>
<div><br></div><div>I am confused as to what is causing the breakage, since mod_shout hasn't changed since I last updated, yet none of the ssl curl options are set in mod_shout..and I never had any problems with the mod_shout curl usage finding the certificate verify locations by default. Is there some other default that used to be set in the freeswitch configuration that I need to set manually?</div>
<div><br></div><div>Any help is appreciated!!! Thanks!</div><span class="HOEnZb"><font color="#888888"><div>Matt</div>
</font></span></blockquote></div><br></div></div>