I only did the tests during development, so I was using self-signed certificates.
Wish I had more information for you. Our app is behind a load balance proxy. Jason > On Jun 22, 2015, at 11:00 AM, Foucauld Degeorges <[email protected]> wrote: > > Well, the whole reason I'm using CouchDB was to *not* have a server... > That's a bit disappointing, but I'll consider it. I hope erlang will be > fixed though. > Is this specific with self-signed certificates, or is SSL broken in general? > Thank you for this answer. > > 2015-06-22 19:55 GMT+02:00 Jason Winshell (Bear River) <[email protected] >> : > >> Hi, >> >> I went this this problem as well. The last time I looked at this I learned >> that the erlang SSL implementation was buggy. Regardless, having a database >> provide SSL directly is not the best way to go about things. Use a front >> end web server. You get other benefits as well, such as header control and >> the possibility of offloading SSL to a hardware load balancer. It's just >> not worth pursuing. >> >> >>> On Jun 22, 2015, at 10:52 AM, Foucauld Degeorges <[email protected]> >> wrote: >>> >>> Thanks for your help. >>> The OS is Windows, but the problem may be similar. >>> >>> 2015-06-22 19:26 GMT+02:00 Paul Okstad <[email protected]>: >>> >>>> Hi, >>>> >>>> I had a similar problem and I found the culprit to be the OS version of >>>> Ubuntu that I was using. Must be a bad library included with that >>>> distribution. Check out the bottom of this wiki page I wrote: >>>> >> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=48203146 >>>> >>>> On Monday, June 22, 2015, Foucauld Degeorges <[email protected]> wrote: >>>> >>>>> Hello, >>>>> >>>>> (This question may have been asked before, I'm sorry if it has, but I >>>>> haven't found a search field on the archives page). >>>>> >>>>> I'm having issues to make CouchDB work with HTTPS and a self-signed >>>>> certificate. >>>>> Depending on the client, the connection is accepted or refused: >>>>> >>>>> - accepted by curl -k >>>>> - refused by Chrome: ERR_SSL_PROTOCOL_ERROR >>>>> - Firefox first asks to add a security exception, then rejects the >>>>> connection: sec_error_invalid_key >>>>> >>>>> You may look at the associated StackOverflow question >>>>> < >>>>> >>>> >> http://stackoverflow.com/questions/30939983/couchdb-over-https-and-self-certified-certificate-browsers-reject-it/30964160 >>>>>> >>>>> for >>>>> extra info. >>>>> I have read somewhere that Web browsers have recently become more >> strict >>>>> concerning self-signed certificates. Is there a workaround, or >> something >>>>> I'm missing? >>>>> >>>>> Thanks >>>>> Foucauld Degeorges >>>>> >>>> >>>> >>>> -- >>>> -- >>>> Paul Okstad >>>> http://pokstad.com >>>> >> >>
