【发布时间】:2020-09-02 04:50:24
【问题描述】:
我想在启用 SSL 的情况下使用 couchDB(V.2.3.1),所以我将 [ssl] 部分添加到 /opt/couchdb/etc/local.d/docker.ini 文件中,如下所示:
[ssl]
port = 6984
enable = true
cert_file = /etc/hyperledger/fabric/tls/server.crt
key_file = /etc/hyperledger/fabric/tls/server.key
cacert_file = /etc/hyperledger/fabric/tls/ca.crt
[daemons]
httpsd = {couch_httpd, start_link, [https]}
[admins]
Admin = ...
[couchdb]
uuid = ...
但我无法使用 https 访问 webUI!出现此错误:
This site can’t provide a secure connection
"IP" uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Unsupported protocol
The client and server don't support a common SSL protocol version or cipher suite.
这是日志:
[error] 2020-05-17T06:52:18.046389Z nonode@nohost <0.19077.3> -------- SSL: hello: tls_handshake.erl:127:Fatal error: handshake failure - malformed_handshake_data
[error] 2020-05-17T06:52:18.046426Z nonode@nohost <0.18899.3> -------- application: mochiweb, "Accept failed error", "{error,{tls_alert,\"handshake failure\"}}"
[error] 2020-05-17T06:52:18.046508Z nonode@nohost <0.18899.3> -------- CRASH REPORT Process (<0.18899.3>) with 0 neighbors exited with reason: {error,accept_failed} at mochiweb_acceptor:init/4(line:75) <= proc_lib:init_p_do_apply/3(line:247); initial_call: {mochiweb_acceptor,init,['Argument__1','Argument__2',...]}, ancestors: [https,couch_secondary_services,couch_sup,<0.202.0>], messages: [], links: [<0.253.0>], dictionary: [], trap_exit: false, status: running, heap_size: 1598, stack_size: 27, reductions: 954
有人可以帮帮我吗?
【问题讨论】:
-
尝试使用反向代理工具,例如
Traefikinfront。让 couchdb 在 http 上运行,不要暴露 couchdb 端口。 AFAIK,您不能在浏览器中使用自签名证书。浏览器无法识别它,因此请尝试将 Let'sEncypt 与Traefik或任何其他反向代理工具一起使用。这项工作的最终目标是在浏览器上打开 couchdb UI。
标签: ssl couchdb hyperledger-fabric hyperledger couchdb-2.0