Ok, seems I've confused you. Couchdb replication occurs over http or https, as you know. The nodes in a couchdb 2.0 cluster do not communicate with each other over http. They use Erlang rpc. Erlang rpc can be configured for TLS encryption. It's in the Erlang faq and is fairly simple to set up in newer Erlang releases.
I feel I owe an example of 2.0 cluster that exclusively uses TLS for all communications. Sent from my iPhone > On 24 Aug 2016, at 20:47, Joey Samonte <[email protected]> wrote: > > What if we remove the reverse proxy and just set up the CouchDB nodes to > allow only SSL connections, port 6984? > https://wiki.apache.org/couchdb/How_to_enable_SSL > >> Subject: Re: Adding a node to cluster >> From: [email protected] >> Date: Wed, 24 Aug 2016 19:43:51 +0100 >> To: [email protected] >> >> Assuming you mean a 2.0 cluster, no, all those nodes need to be able to >> communicate with erlang rpc (service discovery over port 4369 and then >> whatever port the node is running ong). >> >>> On 24 Aug 2016, at 12:36, Joey Samonte <[email protected]> wrote: >>> >>> Good day, >>> >>> Is it possible to add a node to a cluster from Fauxton if the remote host >>> is behind a reverse proxy (nginx) configured as HTTPS? >>> >>> Regards, >>> Joey >
