Re: [SR-Users] memory allocation failure while reading ca_list

I know this is not a solution, but you can also try to run dpkg-reconfigure ca-certificates and select only a couple of CA certificates you trust. That should make the list much smaller. Debian includes a lot of CA certificates in its default list and I am not sure whether it is a good idea to trust them all blindly, given some of the recent issues with bad CAs.. -Jan On Mon, Mar 19, 2012 at 07:59, Juha Heinanen<jh(a)tutpro.com> wrote: > Daniel-Constantin Mierla writes: > >> I guess it is loaded two time, for the server and client profiles. Try >> to set it via dedicated module parameter and see if you get better >> memory usage: >> >> http://kamailio.org/docs/modules/stable/modules/tls.html#ca_list > i tried and it turned out that it is not possible to mix and match tls > config file and module params. if config file param file is given, then > mod param ca_list is ignored. > > also, it looks like it is not possible to share the same ca_list between > different tls.cfg sections, but each section needs to have its own > ca_list entry, which then increases memory requirement. > > -- juha