couchdb-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joey Samonte <csharpdevelo...@hotmail.com>
Subject RE: Can clustering be setup between nodes that only accept SSL connections?
Date Thu, 25 Aug 2016 10:15:21 GMT
We are currently using nginx sir as reverse proxy in front of CouchDB
 
> From: rnewson@apache.org
> Subject: Re: Can clustering be setup between nodes that only accept SSL connections?
> Date: Thu, 25 Aug 2016 11:07:29 +0100
> To: dev@couchdb.apache.org
> 
> Yes, couchdb can be configured that way but my recommendation is to put something like
haproxy in front instead. The native ssl support in Erlang has a buggy history in my experience,
though I believe 18.x is working quite nicely. Further, with couchdb 2.0, you'll want a round-robin
loss balancer in front of them to fully enjoy the clustered fault tolerance. 
> 
> For < 2.0, you just need to configure the httpsd daemon and comment out the httpsd
one. For 2.0, I'll have to research a little as I'm not sure the chttpd service is as rainy
disabled. 
> 
> Sent from my iPhone
> 
> > On 24 Aug 2016, at 21:08, Joey Samonte <csharpdeveloper@hotmail.com> wrote:
> > 
> > Good day,
> > 
> > SSL is a must for us to secure our data. Can the CouchDB nodes in the cluster only
allow https, for example, on port 6984?
> >                         
> 
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message