NSS error -5938 is "End of file error", as in the server killed the stream abruptly.
(see: http://lxr.mozilla.org/nspr/source/nsprpub/pr/include/prerr.h for a list of NSS errors) Check the couch logs, because your client connecting doesn't have any additional details. You might use OpenSSL's s_client to debug the SSL connection (see: http://rackerhacker.com/2012/02/07/using-openssls-s_client-command-with-web-servers-using-server-name-indication-sni/) on your client. --- Keith Gable A+ Certified Professional Network+ Certified Professional Storage+ Certified Professional Mobile Application Developer / Web Developer On Tue, Sep 25, 2012 at 10:20 PM, Bill <[email protected]> wrote: > I'm using CouchDB 1.1 and running into an issue configuring it for SSL. I > have > a certificate from GoDaddy that I'm trying to use. I put the cert, two > intermediate GoDaddy certs, and the GoDaddy root cert in a poem file. I > specified the path to that file in the "cert_file" entry in the couchdb > config. I > also set up the "key_file" entry to point to my key file. However, after > restarting couchdb, ssl is unable to connect. When I try > > curl -v https://myserver:6984/ > > I get the following message > > * About to connect() to myserver port 6984 (#0) > * Trying myserer... connected > * Connected to myserver (myserver) port 6984 (#0) > * Initializing NSS with certpath: /etc/pki/nssdb > * CAfile: /etc/pki/tls/certs/ca-bundle.crt > CAPath: none > * NSS error -5938 > Closing connection #0 > * SSL connect error > > It's able to connect without SSL just fine. Does anyone have any idea what > I'm > doing wrong or tips to get this working? > > Thanks, > Bill > >
