[
https://issues.apache.org/jira/browse/COUCHDB-840?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Adam Kocoloski resolved COUCHDB-840.
------------------------------------
Resolution: Fixed
> be more relaxed about verifying SSL certificate chains
> ------------------------------------------------------
>
> Key: COUCHDB-840
> URL: https://issues.apache.org/jira/browse/COUCHDB-840
> Project: CouchDB
> Issue Type: Improvement
> Affects Versions: 1.0
> Reporter: Adam Kocoloski
> Fix For: 1.0.1
>
> Attachments: COUCHDB-840.patch
>
>
> The new Erlang SSL implementation (which we use to consume _changes) has a
> default verification depth of 1. This causes pull replication from an
> SSL-wrapped server to fail if the server has an intermediate certificate in
> its chain. Intermediate certificates are pretty common especially at the
> cheaper end, e.g. GoDaddy certs. OpenSSL uses a default depth of 9; I think
> we should do the same.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
