incubator-couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Keith Gable <zi...@ignition-project.com>
Subject Re: SSL problems
Date Wed, 26 Sep 2012 03:46:55 GMT
NSS error -5938 is "End of file error", as in the server killed the stream
abruptly.

(see: http://lxr.mozilla.org/nspr/source/nsprpub/pr/include/prerr.h for a
list of NSS errors)

Check the couch logs, because your client connecting doesn't have any
additional details. You might use OpenSSL's s_client to debug the SSL
connection (see:
http://rackerhacker.com/2012/02/07/using-openssls-s_client-command-with-web-servers-using-server-name-indication-sni/)
on your client.

---
Keith Gable
A+ Certified Professional
Network+ Certified Professional
Storage+ Certified Professional
Mobile Application Developer / Web Developer



On Tue, Sep 25, 2012 at 10:20 PM, Bill <bill.foshay@noteandgo.com> wrote:

> I'm using CouchDB 1.1 and running into an issue configuring it for SSL. I
> have
> a certificate from GoDaddy that I'm trying to use. I put the cert, two
> intermediate GoDaddy certs, and the GoDaddy root cert in a poem file. I
> specified the path to that file in the "cert_file" entry in the couchdb
> config. I
> also set up the "key_file" entry to point to my key file. However, after
> restarting couchdb, ssl is  unable to connect. When I try
>
> curl -v https://myserver:6984/
>
> I get the following message
>
> * About to connect() to myserver port 6984 (#0)
> * Trying myserer... connected
> * Connected to myserver (myserver) port 6984 (#0)
> * Initializing NSS with certpath: /etc/pki/nssdb
> * CAfile: /etc/pki/tls/certs/ca-bundle.crt
>  CAPath: none
> * NSS error -5938
> Closing connection #0
> * SSL connect error
>
> It's able to connect without SSL just fine. Does anyone have any idea what
> I'm
> doing wrong or tips to get this working?
>
> Thanks,
> Bill
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message