I do my https to my proxy server then connect to couch using http locally. You could try that if you can’t get it to work
Sent from my iPhone > On Apr 23, 2020, at 8:54 PM, Rene Veerman <[email protected]> wrote: > > under couchdb 2.x, this all used to work like a charm > not so in couchdb 3.x :( > >> On Fri, Apr 24, 2020 at 4:53 AM Rene Veerman <[email protected]> >> wrote: >> >> i'm using the certificate files given to me by my certificate provider, >> and i'm getting the following error in /var/log/couchdb/couchdb.log now : >> >> [notice] 2020-04-24T02:21:18.335906Z [email protected] <0.288.0> -------- >> rexi_buffer : cluster stable >> [notice] 2020-04-24T02:45:24.371745Z [email protected] <0.14640.0> >> 39b0035f50 82.161.37.94:5984 162.243.130.108 undefined GET / 200 ok 22 >> [error] 2020-04-24T02:50:46.365102Z [email protected] <0.17763.0> >> -------- application: mochiweb, "Accept failed error", >> "{error,{options,{keyfile,\"/opt/couchdb/etc/https/nicer.app--generated-private-key.txt\",\n >> []}}}" >> [error] 2020-04-24T02:50:46.365233Z [email protected] <0.17763.0> >> -------- CRASH REPORT Process (<0.17763.0>) with 0 neighbors exited with >> reason: {error,accept_failed} at mochiweb_acceptor:init/4(line:71) <= >> proc_lib:init_p_do_apply/3(line:247); initial_call: >> {mochiweb_acceptor,init,['Argument__1','Argument__2',...]}, ancestors: >> [https,couch_secondary_services,couch_sup,...], message_queue_len: 0, >> messages: [], links: [<0.254.0>], dictionary: [], trap_exit: false, status: >> running, heap_size: 1598, stack_size: 27, reductions: 1905 >> [error] 2020-04-24T02:50:46.442400Z [email protected] <0.17764.0> >> -------- application: mochiweb, "Accept failed error", >> "{error,{options,{keyfile,\"/opt/couchdb/etc/https/nicer.app--generated-private-key.txt\",\n >> []}}}" >> [error] 2020-04-24T02:50:46.442530Z [email protected] <0.17764.0> >> -------- CRASH REPORT Process (<0.17764.0>) with 0 neighbors exited with >> reason: {error,accept_failed} at mochiweb_acceptor:init/4(line:71) <= >> proc_lib:init_p_do_apply/3(line:247); initial_call: >> {mochiweb_acceptor,init,['Argument__1','Argument__2',...]}, ancestors: >> [https,couch_secondary_services,couch_sup,...], message_queue_len: 0, >> messages: [], links: [<0.254.0>], dictionary: [], trap_exit: false, status: >> running, heap_size: 987, stack_size: 27, reductions: 1918 >> [error] 2020-04-24T02:50:51.466683Z [email protected] <0.17765.0> >> -------- application: mochiweb, "Accept failed error", >> "{error,{options,{keyfile,\"/opt/couchdb/etc/https/nicer.app--generated-private-key.txt\",\n >> []}}}" >> [error] 2020-04-24T02:50:51.466870Z [email protected] <0.17765.0> >> -------- CRASH REPORT Process (<0.17765.0>) with 0 neighbors exited with >> reason: {error,accept_failed} at mochiweb_acceptor:init/4(line:71) <= >> proc_lib:init_p_do_apply/3(line:247); initial_call: >> {mochiweb_acceptor,init,['Argument__1','Argument__2',...]}, ancestors: >> [https,couch_secondary_services,couch_sup,...], message_queue_len: 0, >> messages: [], links: [<0.254.0>], dictionary: [], trap_exit: false, status: >> running, heap_size: 987, stack_size: 27, reductions: 1918 >> [error] 2020-04-24T02:51:21.500671Z [email protected] <0.18065.0> >> -------- application: mochiweb, "Accept failed error", >> "{error,{options,{keyfile,\"/opt/couchdb/etc/https/nicer.app--generated-private-key.txt\",\n >> []}}}" >> [error] 2020-04-24T02:51:21.500805Z [email protected] <0.18065.0> >> -------- CRASH REPORT Process (<0.18065.0>) with 0 neighbors exited with >> reason: {error,accept_failed} at mochiweb_acceptor:init/4(line:71) <= >> proc_lib:init_p_do_apply/3(line:247); initial_call: >> {mochiweb_acceptor,init,['Argument__1','Argument__2',...]}, ancestors: >> [https,couch_secondary_services,couch_sup,...], message_queue_len: 0, >> messages: [], links: [<0.254.0>], dictionary: [], trap_exit: false, status: >> running, heap_size: 987, stack_size: 27, reductions: 1920 >> >> >> On Fri, Apr 24, 2020 at 4:47 AM Bill Stephenson <[email protected]> >> wrote: >> >>> Hi Rene >>> >>> I have these notes on configuring SSL using certbot: >>> >>> #Configuring the Firewall >>> sudo ufw allow 5984 >>> sudo ufw allow 6984 >>> >>> >>> ## Configure SSL - Lets Encrypt >>> >>> sudo apt-get update && sudo apt-get upgrade >>> sudo apt-get install software-properties-common >>> sudo add-apt-repository ppa:certbot/certbot >>> sudo apt-get update >>> sudo apt-get install python-certbot-apache >>> >>> sudo mkdir /opt/couchdb/letsencrypt >>> >>> sudo certbot certonly --webroot -w /var/www/YOUR.com --config-dir >>> /opt/couchdb/letsencrypt --logs-dir /var/log/couchdb -d YOUR.com >>> >>> >>> sudo certbot certonly --webroot -w /var/www/html --config-dir >>> /opt/couchdb/letsencrypt --logs-dir /var/log/couchdb -d YOUR.com >>> >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem >>> >>> # set the permissions on the files to the following: >>> >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem >>> sudo chmod 600 /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem >>> >>> sudo chown -R couchdb /opt/couchdb/letsencrypt/ >>> >>> sudo nano /opt/couchdb/etc/local.ini >>> >>> # You will need to modify the following entries: >>> >>> port = 6984 >>> cert_file = /opt/couchdb/letsencrypt/live/YOUR.com/cert.pem >>> key_file = /opt/couchdb/letsencrypt/live/YOUR.com/privkey.pem >>> cacert_file = /opt/couchdb/letsencrypt/live/YOUR.com/fullchain.pem < >>> http://your.com/fullchain.pem> >>> >>> test it at: https://YOUR.com:6984/_utils/ >>> >>> — >>> >>> Kindest Regards, >>> >>> Bill Stephenson >>> Tech Support >>> www.cherrypc.com <http://www.ezinvoice.com/> >>> 1-417-546-8390 >>> >>> >>> >>> >>>> On Apr 23, 2020, at 9:36 PM, Rene Veerman <[email protected]> >>> wrote: >>>> >>>> i've installed couchdb on ubuntu-18.04, have modified >>>> /opt/couchdb/etc/local.ini to use the proper https certificates, but i >>>> can't get a connection to https://mydomain.com:5984 going at all. >>>> there is nothing of use in /var/log/couchdb/couchdb.log, >>>> and all i get in the browser is a connection timedout error. >>>> >>>> can someone please help me? >>>> my entire stack of business logic that i had built to run on top of >>> couchdb >>>> is unusable at the moment.. >>> >>>
