btw, the devel branch as well as last stable releases are compiled with memory debugger on, you can compile with F_MALLOC and try to see if you get some improvements, but I guess they will not be really relevant over all.
Cheers, Daniel
On 3/19/12 4:04 PM, Jan Janak wrote:
I know this is not a solution, but you can also try to run
dpkg-reconfigure ca-certificates
and select only a couple of CA certificates you trust. That should make the list much smaller. Debian includes a lot of CA certificates in its default list and I am not sure whether it is a good idea to trust them all blindly, given some of the recent issues with bad CAs..
-Jan
On Mon, Mar 19, 2012 at 07:59, Juha Heinanenjh@tutpro.com wrote:
Daniel-Constantin Mierla writes:
I guess it is loaded two time, for the server and client profiles. Try to set it via dedicated module parameter and see if you get better memory usage:
http://kamailio.org/docs/modules/stable/modules/tls.html#ca_list
i tried and it turned out that it is not possible to mix and match tls config file and module params. if config file param file is given, then mod param ca_list is ignored.
also, it looks like it is not possible to share the same ca_list between different tls.cfg sections, but each section needs to have its own ca_list entry, which then increases memory requirement.
-- juha