我正在尝试通过SSL让CouchDB在我们的服务器上运行。
我已将以下内容添加到 default.ini :
中[daemons]
...
httpsd = {couch_httpd, start_link, [https]}
[ssl]
cert_file = /the/path/to/my/certicifate/here
key_file = /the/path/to/my/key/here
当我重新启动couchdb时,我在 couch.log 文件中获得以下内容:
[Fri, 27 May 2011 00:18:38 GMT] [error] [<0.86.0>] {error_report,<0.31.0>,
{<0.86.0>,supervisor_report,
[{supervisor,{local,couch_secondary_services}},
{errorContext,start_error},
{reason,
{'EXIT',
{undef,
[{couch_httpd,start_link,[https]},
{supervisor,do_start_child,2},
{supervisor,start_children,3},
{supervisor,init_children,2},
{gen_server,init_it,6},
{proc_lib,init_p_do_apply,3}]}}},
{offender,
[{pid,undefined},
{name,httpsd},
{mfargs,{couch_httpd,start_link,[https]}},
{restart_type,permanent},
{shutdown,1000},
{child_type,worker}]}]}}
[Fri, 27 May 2011 00:18:38 GMT] [error] [<0.78.0>] {error_report,<0.31.0>,
{<0.78.0>,supervisor_report,
[{supervisor,{local,couch_server_sup}},
{errorContext,start_error},
{reason,shutdown},
{offender,
[{pid,undefined},
{name,couch_secondary_services},
{mfargs,{couch_server_sup,start_secondary_services,[]}},
{restart_type,permanent},
{shutdown,infinity},
{child_type,supervisor}]}]}}
任何提示或建议?
答案 0 :(得分:3)
如果有人对我们最终如何解决这个问题感兴趣:(当然对于未来的版本,你应该能够做我在问题中提到的事情。)
我们使用nginx作为沙发的反向代理:http://wiki.apache.org/couchdb/Nginx_As_a_Reverse_Proxy
nginx配置文件:
user www-data;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
access_log /var/log/nginx/access.log;
sendfile on;
keepalive_timeout 65;
tcp_nodelay on;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
server {
listen 80;
server_name couch.touchmetric.com;
location / {
proxy_pass http://localhost:5984;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 443;
server_name couch.touchmetric.com;
ssl on;
ssl_certificate /path/here;
ssl_certificate_key /other/path/here;
ssl_protocols SSLv3;
ssl_session_cache shared:SSL:1m;
location / {
proxy_pass http://localhost:5984;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl on;
}
}
}
答案 1 :(得分:2)
CouchDB 1.1中存在本机SSL支持,而当前的CouchDB版本是1.0.2版iirc。除非您从主干或类似的东西结账,否则您的CouchDB本身不支持SSL。