Hi Rene I have these notes on configuring SSL using certbot:
#Configuring the Firewall sudo ufw allow 5984 sudo ufw allow 6984 ## Configure SSL - Lets Encrypt sudo apt-get update && sudo apt-get upgrade sudo apt-get install software-properties-common sudo add-apt-repository ppa:certbot/certbot sudo apt-get update sudo apt-get install python-certbot-apache sudo mkdir /opt/couchdb/letsencrypt sudo certbot certonly --webroot -w /var/www/YOUR.com --config-dir /opt/couchdb/letsencrypt --logs-dir /var/log/couchdb -d YOUR.com sudo certbot certonly --webroot -w /var/www/html --config-dir /opt/couchdb/letsencrypt --logs-dir /var/log/couchdb -d YOUR.com sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem # set the permissions on the files to the following: sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem sudo chown -R couchdb /opt/couchdb/letsencrypt/ sudo nano /opt/couchdb/etc/local.ini # You will need to modify the following entries: port = 6984 cert_file = /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem key_file = /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem cacert_file = /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem <http://your.com/fullchain.pem> test it at: https://YOUR.com:6984/_utils/ — Kindest Regards, Bill Stephenson Tech Support www.cherrypc.com <http://www.ezinvoice.com/> 1-417-546-8390 > On Apr 23, 2020, at 9:36 PM, Rene Veerman <[email protected]> wrote: > > i've installed couchdb on ubuntu-18.04, have modified > /opt/couchdb/etc/local.ini to use the proper https certificates, but i > can't get a connection to https://mydomain.com:5984 going at all. > there is nothing of use in /var/log/couchdb/couchdb.log, > and all i get in the browser is a connection timedout error. > > can someone please help me? > my entire stack of business logic that i had built to run on top of couchdb > is unusable at the moment..
