Caddy issues with ID Verification

I have encountered a very interesting problem in the last few days and I wanted to let people know. Don’t worry, the problem has been fixed but what happened might be interesting to other people facing a similar situation.

In the past with the Native environment, we used ID Verification in order to validate the identity of users who paid for a certificate. In order to make it work on our systems, we changed a few things in our fork in order to “intercept” calls to SoftwareSecure and use our own S3 bucket for the photos, but it has worked for the past 6 or 7 years and it is still working in our current Native installation with Koa :grin:

We ran into a problem with Tutor. Some of the photos wouldn’t load into our bucket. At first, I could not figure out why…

I had no problem from home or Monday when using my USB Logitech webcam. But when using the camera on my iMac at work on Tuesday, it wouldn’t work at all. I looked in the LMS logs, but could only find references to not providing a face id. But I just did… Weird.

I spent a few hours trying to figure out what was going on but could not find a lead. I decided to launch “tutor local start” from a terminal in order to look at the Tutor console logs. And then I saw it. An entry about the request_body size of an http request being too big for the Photo ID.

I decided to upload an image instead of taking a photograph of the Photo ID. It worked!

So, my camera at work takes larger picture than my camera at home. And that was part of the problem.

As a result, I had to edit $TUTOR_ROOT/env/apps/caddy/Caddyfile in order to modify the max_size of request_body for the LMS. I guess the values used by the Caddy configuration file were slightly different than what was used previously by Nginx in the Native installation.

Stopping Tutor and restarting it fixed everything :grin:

1 Like

Should we modify the request body max_size for certain urls? If yes, which one?

I would have to check which specific URL was the problem. Definitely the Photo ID (not the Face ID).

I will get back to you. I have a workaround for now so it is not an emergency.