FYI: direct HTTPS support should arrive in CouchDB 1.1. B
On Fri, Oct 29, 2010 at 9:23 AM, Cliff Williams <[email protected]> wrote: > Doug, > > I hope you are well. > > Couchdb does not handle https by itself. > > I think that a generally acceptable method would be to put couchdb behind a > reverse proxy such as nginx and allow nginx to handle all of the ssl/tls > traffic. (I don't like using VPNs for this sort of thing since it always > feels like a bit of a kludge and not very Restful) > > These are good start points (Its quite a bit less complicated than it first > appears) > > http://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy > http://www.cyberciti.biz/faq/howto-linux-unix-setup-nginx-ssl-proxy/ > > best regards > > Cliff > > On 29/10/10 10:30, Doug wrote: >> >> Hmm... Lets try that again.. >> >> ---------- Forwarded message ---------- >> From: "Doug"<[email protected]> >> Date: 29/10/2010 3:27 PM >> Subject: replication for local user apps... >> To:<[email protected]> >> >> Hi, >> >> I've got what seems like a simple couchdb question, but reading around I >> haven't found any really helpful information about it. >> >> Basically, how do you do securely use / replicate databases? >> >> Everything happens over http, and I can't find anything about https and >> couchdb working happily together. >> >> The options as far as I can tell seem to be: >> >> 1) Local only. >> - Create a local couchdb instance on local and server machines. >> - Setup SSH tunnels between the machines and push the content through them >> via replication. >> >> 2) Hide couchdb behind a firewall and talk to it via a https website. >> >> 3) There is no three. >> >> ?? >> >> I mean, I thought the great thing about couchdb was I could write a webapp >> that runs entirely off couchdb, use it on the net, pull a copy of it onto >> my >> laptop's copy of couch when I jump on a plane, and keep running, and sync >> it >> all via replication when I get back into a wifi zone. ...but, I don't >> understand how you can do any of that securely and privately. >> >> Am I missing some really obvious configuration option to turn on https or >> something? >> >> ~ >> Doug. >> >
