Hi Claris, Probably you need to ensure that your keyfile is the correct format. The first line should look like '-----BEGIN RSA PRIVATE KEY-----' but not '-----BEGIN PRIVATE KEY-----' which is PKCS#8 format.
More info http://www.rabbitmq.com/troubleshooting-ssl.html and specifically http://docs.couchdb.org/en/latest/config/http.html#config-ssl You can use the test certs from the mochiweb project (CouchDB uses a variant of that internally) https://github.com/mochi/mochiweb/tree/master/examples/https Also, the quality and compatibility of native SSL varies wildly with erlang releases, generally later the better (e.g. R16B03-1). But there are already known bugs within that too. For serious (heavy load) SSL usage we recommend stunnel, haproxy, or stud for this reason. On 12 February 2014 20:04, Claris Castillo <[email protected]> wrote: > I have been running an Apache-Couchdb-1.1.1 server successfully for the > last couple of months. > Today I decided to enable SSL. > >>> curl -k -v https://myserver:6984 > > * About to connect() to myservert port 6984 (#0) > > * Trying x.x.x.x... connected > > * Connected to myserver (x.x.x.x) port 6984 (#0) > > * Initializing NSS with certpath: sql:/etc/pki/nssdb > > * warning: ignoring value of ssl.verifyhost > > * NSS error -5938 > > * Closing connection #0 > > * SSL connect error > > curl: (35) SSL connect error > The log files show the following: > > Wed, 12 Feb 2014 18:38:03 GMT] [error] [<0.65.0>] {error_report,<0.60.0>, > > {<0.65.0>,supervisor_report, > > [{supervisor,{local,ssl_connection_sup}}, > > {errorContext,child_terminated}, > > {reason,*ekeyfile*}, > > {offender, > > [{pid,<0.492.0>}, > > {name,undefined}, > > > {mfargs,{ssl_connection,start_link,undefined}}, > > {restart_type,temporary}, > > {shutdown,4000}, > > {child_type,worker}]}]}} > > [Wed, 12 Feb 2014 18:38:03 GMT] [error] [<0.133.0>] {error_report,<0.30.0>, > > {<0.133.0>,std_error, > > [{application,mochiweb}, > > "Accept failed error", > > 1115
