couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Claris Castillo <clariscas...@gmail.com>
Subject Re: Problem connecting to Couchdg on SSL erlang: {reason,ekeyfile},
Date Thu, 13 Feb 2014 01:35:07 GMT
I tried multiple versions of erlang. I ended installing Couchdb 1.5.
Problem solved.
Thanks,


On Wed, Feb 12, 2014 at 3:19 PM, Dave Cottlehuber <dch@jsonified.com> wrote:

> Hi Claris,
>
> Probably you need to ensure that your keyfile is the correct format.
> The first line should look like '-----BEGIN RSA PRIVATE KEY-----'  but
> not '-----BEGIN PRIVATE KEY-----' which is PKCS#8 format.
>
> More info http://www.rabbitmq.com/troubleshooting-ssl.html and
> specifically http://docs.couchdb.org/en/latest/config/http.html#config-ssl
>
> You can use the test certs from the mochiweb project (CouchDB uses a
> variant of that internally)
> https://github.com/mochi/mochiweb/tree/master/examples/https
>
> Also, the quality and compatibility of native SSL varies wildly with
> erlang releases, generally later the better (e.g. R16B03-1). But there
> are already known bugs within that too.
>
> For serious (heavy load) SSL usage we recommend stunnel, haproxy, or
> stud for this reason.
>
>
> On 12 February 2014 20:04, Claris Castillo <clariscastej@gmail.com> wrote:
> > I have been running an Apache-Couchdb-1.1.1 server successfully for the
> > last couple of months.
> > Today I decided to enable SSL.
> >
> >>> curl -k -v https://myserver:6984
> >
> > * About to connect() to myservert port 6984 (#0)
> >
> > *   Trying x.x.x.x... connected
> >
> > * Connected to myserver (x.x.x.x) port 6984 (#0)
> >
> > * Initializing NSS with certpath: sql:/etc/pki/nssdb
> >
> > * warning: ignoring value of ssl.verifyhost
> >
> > * NSS error -5938
> >
> > * Closing connection #0
> >
> > * SSL connect error
> >
> > curl: (35) SSL connect error
> > The log files show the following:
> >
> > Wed, 12 Feb 2014 18:38:03 GMT] [error] [<0.65.0>] {error_report,<0.60.0>,
> >
> >                        {<0.65.0>,supervisor_report,
> >
> >                         [{supervisor,{local,ssl_connection_sup}},
> >
> >                          {errorContext,child_terminated},
> >
> >                          {reason,*ekeyfile*},
> >
> >                          {offender,
> >
> >                              [{pid,<0.492.0>},
> >
> >                               {name,undefined},
> >
> >
> > {mfargs,{ssl_connection,start_link,undefined}},
> >
> >                               {restart_type,temporary},
> >
> >                               {shutdown,4000},
> >
> >                               {child_type,worker}]}]}}
> >
> > [Wed, 12 Feb 2014 18:38:03 GMT] [error] [<0.133.0>]
> {error_report,<0.30.0>,
> >
> >                                   {<0.133.0>,std_error,
> >
> >                                    [{application,mochiweb},
> >
> >                                     "Accept failed error",
> >
> >                                                               1115
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message