Solved

What http client does the httpcaller use?


Hi,

I'm investigating the impact that the move to remove https support for TLS1.1 and below may have on my processes running in fme desktop and server.

Does anyone know what http clients the httpcaller uses?

I assumed it was the client installed on the OS, but I'm running fmeserver/desktop on a windows2008R2 server with IE8 installed. If I look at a TLS1.2 only site using IE8 on this server it complains like mad because I'm trying to use TLS1.0, but if I use the httpcaller from inside fmedesktop and server it connects just fine using TLS1.2. Leading me to deduce FME installs and uses its own client. I would like to know what it is. (libcurl_fme.dll probably has something to do with it? I also noticed an ssl certificate in the install dir.)

It must pick up internet proxy details from the default browser though right?

regards,

Nick

(specifically I'm currently running FME 2015.0, but I'm looking to upgrade to 2018.1)

Best answer by jlutherthomas 26 June 2018, 20:19


Hi @nrich

I got some more information on this.

We use libcurl on all platforms, although I believe that on Linux we use the system version of libcurl, and we ship our own version on Windows and Mac.

For SSL/TLS we use the system libraries on Windows and Mac, and OpenSSL on Linux. As a result, the SSL certificates in the install folder are only used on Linux, because we use the system certificate storage on Windows and Mac.

FME can be configured to use the system proxy settings. See here. Alternatively, it turns out you can set some environment variable that libcurl will pick up for proxy configuration. Those comments really only apply to the HTTPCaller, and generally speaking also to readers which have a URL dataset.

Setting up web connections uses a Java HTTP(S) client, and Python plugins have their own libraries as well.

Thanks @jlutherthomas for the quick and detailed response.

So in my case a https call made from a httpcaller in a job running on fme server would:

1) use the safe version of libcurl to make a connection, but

2) libcurl would use the Windows OS default browser's certificate storage and TLS settings to verify and encrypt the link

This is kind of what I thought would be happening, although I'm a little confused, because I have IE8 installed as my default browser, which doesn't support TLS1.2. Yet my fme installation does. Firefox is also installed on this box, so perhaps libcurl has managed to attach to that instead.

Is there any way to tell what security certificates/system libraries libcurl has a dependency on, do you know?

regards,

Nick

(internet proxy - interesting that you can perhaps set system variables for libcurl, configuring the windows internet proxy settings for the service user running fmeserver was a bit of a pain when we were configuring it - setting it as system variables would be much easier and clearer for the system admins. presumably more info on that would be on the libcurl website, I'll go have a look.)
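
The proxy environment variables mentioned in the answer and in the reply above, as an added example (not part of the original posts and not FME code): a simplified Python model of the lookup order the libcurl documentation describes. The sample environment and host names are constructed, and `no_proxy` matching is reduced to exact-host and domain-suffix entries.

```python
from urllib.parse import urlsplit

def _first_set(env, names):
    """Return the first non-empty variable among names, in order."""
    for name in names:
        if env.get(name):
            return env[name]
    return None

def _bypassed(host, no_proxy):
    """True when host is covered by a no_proxy entry ('*' covers every host)."""
    if no_proxy.strip() == "*":
        return True
    for entry in no_proxy.split(","):
        entry = entry.strip().lstrip(".").lower()
        if entry and (host == entry or host.endswith("." + entry)):
            return True
    return False

def libcurl_proxy_for(url, env):
    """Proxy libcurl would take from env for url, or None for a direct connection.

    env is a case-sensitive mapping, as on Linux and macOS. Windows treats
    variable names case-insensitively, so the case rules below do not arise there.
    """
    parts = urlsplit(url)
    scheme, host = parts.scheme.lower(), (parts.hostname or "")
    no_proxy = _first_set(env, ["no_proxy", "NO_PROXY"])
    if no_proxy and _bypassed(host, no_proxy):
        return None
    # Lower case wins over upper case. Upper-case HTTP_PROXY is never read,
    # because a CGI server sets it from a client's "Proxy:" request header.
    names = [scheme + "_proxy"]
    if scheme != "http":
        names.append(scheme.upper() + "_PROXY")
    names += ["all_proxy", "ALL_PROXY"]
    return _first_set(env, names)

# Constructed sample environment; host names are placeholders.
SAMPLE_ENV = {
    "HTTP_PROXY": "http://ignored.example:8080",
    "https_proxy": "http://proxy.corp.example:3128",
    "HTTPS_PROXY": "http://upper.example:3128",
    "NO_PROXY": "localhost,.intranet.example",
}

if __name__ == "__main__":
    for u in ("https://api.example.org/data", "http://api.example.org/data"):
        print(u, "->", libcurl_proxy_for(u, SAMPLE_ENV) or "direct")
```

Because the proxy carries every outbound request made this way, the variables belong in the environment of the service account only, set by an administrator rather than inherited from a shared or user-writable profile.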

 
