incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Robert Newson <rnew...@apache.org>
Subject Re: SSL problems
Date Wed, 26 Sep 2012 10:07:32 GMT
To be honest, I would recommend using stunnel in front of CouchDB
instead of the built-in erlang SSL module.

B.

On 26 September 2012 08:25, Benoit Chesneau <bchesneau@gmail.com> wrote:
> On Wed, Sep 26, 2012 at 5:20 AM, Bill <bill.foshay@noteandgo.com> wrote:
>> I'm using CouchDB 1.1 and running into an issue configuring it for SSL. I have
>> a certificate from GoDaddy that I'm trying to use. I put the cert, two
>> intermediate GoDaddy certs, and the GoDaddy root cert in a poem file. I
>> specified the path to that file in the "cert_file" entry in the couchdb config. I
>> also set up the "key_file" entry to point to my key file. However, after
>> restarting couchdb, ssl is  unable to connect. When I try
>>
>> curl -v https://myserver:6984/
>>
>> I get the following message
>>
>> * About to connect() to myserver port 6984 (#0)
>> * Trying myserer... connected
>> * Connected to myserver (myserver) port 6984 (#0)
>> * Initializing NSS with certpath: /etc/pki/nssdb
>> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
>>  CAPath: none
>> * NSS error -5938
>> Closing connection #0
>> * SSL connect error
>>
>> It's able to connect without SSL just fine. Does anyone have any idea what I'm
>> doing wrong or tips to get this working?
>>
>> Thanks,
>> Bill
>>
>
> How did you configured it? also did you concat the bundle with the cert?
>
> - benoƮt

Mime
View raw message