incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Taber <jeta...@gmail.com>
Subject Re: couchdb ssl error connecting via https
Date Fri, 13 Jul 2012 16:19:33 GMT
User error, I was not aware that the script I was given was what created a
secure layer on our couchDB install.  So, until I ran that there was no
https to connect to.  I will try the new drop, though.
On Jul 13, 2012 2:03 AM, "Dave Cottlehuber" <dave@muse.net.nz> wrote:

> On 13 July 2012 01:54, James Taber <jetaber@gmail.com> wrote:
> > couchdb-1.1.1_js185_otp_R14B03_fix-win32-crypto (also tried 1.2.0 R14B04)
> > Windows 7
> > Firefox 13.0.1
> >
> > when connecting to https://localhost:5984/_utils, receive the following
> > error
> >
> > An error occurred during a connection to localhost:5984.
> >
> > SSL received a record that exceeded the maximum permissible length.
> >
> > (Error code: ssl_error_rx_record_too_long)
> >
> >
> > --
> > --
> > Between the greater and lesser infinities sleep the dreams undreamt.
>
> Hi James,
>
> https://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html
> SSL_ERROR_RX_RECORD_TOO_LONG    -12263  "SSL received a record that
> exceeded the maximum permissible length."
> This generally indicates that the remote peer system has a flawed
> implementation of SSL, and is violating the SSL specification.
>
> Can you retry this with a couch based off R15B01
>
> https://www.dropbox.com/sh/jeifcxpbtpo78ak/JFSKO7WgCS/Snapshots/20120524/setup-couchdb-1.2.0%2BCOUCHDB-1482_otp_R15B01.exe
> as there've been considerable improvements in OTP's SSL implementation
> recently.
>
> Questions;
>
> - what configuration you are using (verifying intermediates etc)
> - does this error occur in the browser, via curl, or something else?
> - can you re-test with openssl s_client directly (to avoid the
> browser), with debug mode enabled?
> - what is shown in the couch.log error file at the same time?
> - does the issue recur for you using the sample certs from mochiweb
> https://github.com/mochi/mochiweb/tree/master/examples/https ?
>
> A+
> Dave
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message