Sander, It depends on your erlang version. I think SSL support from R15 onwards is pretty good, but that came long after the problems we've seen with SSL in production (under load). YMMV.
Basically, CouchDB's support for SSL is dependent on the quality of SSL support in erlang itself. B. On 12 June 2013 15:28, Sander Dijkhuis <[email protected]> wrote: > What kind of problems should I expect with native SSL? I’ve just set up > CouchDB with a self-signed certificate, and that seems to work fine for my > purposes. > > If it’s advised against, maybe this manual page should mention that: > http://docs.couchdb.org/en/latest/configuring.html#native-ssl-support > > On Jun 12, 2013, at 16:14 , Jason Smith <[email protected]> wrote: > >> That was the single most problematic CouchDB commit I have ever had to deal >> with. (Bob's work was fine; but it forced an introduction I regretted >> having.) >> >> >> On Wed, Jun 12, 2013 at 9:03 PM, Robert Newson <[email protected]> wrote: >> >>> and by "never", I strictly mean "for a very brief period where I added >>> native SSL support to CouchDB in 2010". >>> >>> B. >>> >>> >>> On 12 June 2013 15:01, Robert Newson <[email protected]> wrote: >>>> I'd recommend haproxy 1.5 anyway, I've never been a big fan of >>>> erlang's built-in SSL support (and it has a fairly yucky history of >>>> bugs). >>>> >>>> B.
