You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by Bade Iriabho <eb...@mathbiol.org> on 2011/12/08 18:23:14 UTC
CouchDB SSL Issue, what is the deal with CouchDB error logs
I have CouchDB installed on one of my server (Ubuntu 11.04). Accessing the
application on the standard http port works fine (i.e.
http://www.example.com:5984/_utils). I installed some SSL certificates on
the server and changed the configuration file "local.ini" to point to the
certificates (i.e. certificate and key files are both PEM encoded):
[ssl]
cert_file = /full/path/to/server_cert.crt
key_file = /full/path/to/server_key.key
The problem I get is that I cannot access the application via SSL (i.e.
https://www.example.com:6984/_utils). When I restart the couchdb
application, the log file says that it is started on the couchdb SSL port,
but when I try to access the application via futon, I get nothing. Here is
the log file statement:
[Mon, 05 Dec 2011 19:30:35 GMT] [info] [<0.31.0>] Apache CouchDB has
started on http://0.0.0.0:5984/
[Mon, 05 Dec 2011 19:30:35 GMT] [info] [<0.31.0>] Apache CouchDB has
started on https://0.0.0.0:6984/
The complete log file: (Note that the application still works fine with
http, just not with https. I wish the error messages were a bit more human
readable)
==================================
[Mon, 05 Dec 2011 19:30:35 GMT] [info] [<0.31.0>] Apache CouchDB has
started on http://0.0.0.0:5984/
[Mon, 05 Dec 2011 19:30:35 GMT] [info] [<0.31.0>] Apache CouchDB has
started on https://0.0.0.0:6984/
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.408.0>] {error_report,<0.60.0>,
{<0.408.0>,std_error,
[83,83,76,58,32,"1093",58,32,"error",58,
"[]",32,
"/full/path/to/server_key.key",
"\n",32,32,
[91,
[[123,
["ssl_connection",44,
"init_private_key",44,"4"],
125],
44,10," ",
[123,
["ssl_connection",44,"ssl_init",44,"2"],
125],
44,10," ",
[123,
["ssl_connection",44,"init",44,"1"],
125],
44,10," ",
[123,
["gen_fsm",44,"init_it",44,"6"],
125],
44,10," ",
[123,
["proc_lib",44,"init_p_do_apply",44,
"3"],
125]],
93],
"\n"]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.408.0>] {error_report,<0.60.0>,
{<0.408.0>,crash_report,
[[{initial_call,
{ssl_connection,init,['Argument__1']}},
{pid,<0.408.0>},
{registered_name,[]},
{error_info,
{exit,ekeyfile,
[{gen_fsm,init_it,6},
{proc_lib,init_p_do_apply,3}]}},
{ancestors,[ssl_connection_sup,ssl_sup,<0.61.0>]},
{messages,[]},
{links,[<0.65.0>]},
{dictionary,[]},
{trap_exit,false},
{status,running},
{heap_size,987},
{stack_size,24},
{reductions,1005}],
[]]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.139.0>] {error_report,<0.30.0>,
{<0.139.0>,std_error,
[{application,mochiweb},
"Accept failed error",
"{error,ekeyfile}"]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.139.0>] {error_report,<0.30.0>,
{<0.139.0>,crash_report,
[[{initial_call,
{mochiweb_acceptor,init,
['Argument__1','Argument__2',
'Argument__3']}},
{pid,<0.139.0>},
{registered_name,[]},
{error_info,
{exit,
{error,accept_failed},
[{mochiweb_acceptor,init,3},
{proc_lib,init_p_do_apply,3}]}},
{ancestors,
[https,couch_secondary_services,
couch_server_sup,<0.31.0>]},
{messages,[]},
{links,[<0.138.0>,#Port<0.2186>]},
{dictionary,[]},
{trap_exit,false},
{status,running},
{heap_size,2584},
{stack_size,24},
{reductions,778}],
[]]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.138.0>] {error_report,<0.30.0>,
{<0.138.0>,std_error,
{mochiweb_socket_server,254,
{acceptor_error,{error,accept_failed}}}}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.409.0>] {error_report,<0.60.0>,
{<0.409.0>,std_error,
[83,83,76,58,32,"1093",58,32,"error",58,
"[]",32,
"/full/path/to/server_key.key",
"\n",32,32,
[91,
[[123,
["ssl_connection",44,
"init_private_key",44,"4"],
125],
44,10," ",
[123,
["ssl_connection",44,"ssl_init",44,"2"],
125],
44,10," ",
[123,
["ssl_connection",44,"init",44,"1"],
125],
44,10," ",
[123,
["gen_fsm",44,"init_it",44,"6"],
125],
44,10," ",
[123,
["proc_lib",44,"init_p_do_apply",44,
"3"],
125]],
93],
"\n"]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.409.0>] {error_report,<0.60.0>,
{<0.409.0>,crash_report,
[[{initial_call,
{ssl_connection,init,['Argument__1']}},
{pid,<0.409.0>},
{registered_name,[]},
{error_info,
{exit,ekeyfile,
[{gen_fsm,init_it,6},
{proc_lib,init_p_do_apply,3}]}},
{ancestors,[ssl_connection_sup,ssl_sup,<0.61.0>]},
{messages,[]},
{links,[<0.65.0>]},
{dictionary,[]},
{trap_exit,false},
{status,running},
{heap_size,1597},
{stack_size,24},
{reductions,1110}],
[]]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.140.0>] {error_report,<0.30.0>,
{<0.140.0>,std_error,
[{application,mochiweb},
"Accept failed error",
"{error,ekeyfile}"]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.140.0>] {error_report,<0.30.0>,
{<0.140.0>,crash_report,
[[{initial_call,
{mochiweb_acceptor,init,
['Argument__1','Argument__2',
'Argument__3']}},
{pid,<0.140.0>},
{registered_name,[]},
{error_info,
{exit,
{error,accept_failed},
[{mochiweb_acceptor,init,3},
{proc_lib,init_p_do_apply,3}]}},
{ancestors,
[https,couch_secondary_services,
couch_server_sup,<0.31.0>]},
{messages,[]},
{links,[<0.138.0>,#Port<0.2189>]},
{dictionary,[]},
{trap_exit,false},
{status,running},
{heap_size,2584},
{stack_size,24},
{reductions,798}],
[]]}}
[Mon, 05 Dec 2011 19:31:04 GMT] [error] [<0.138.0>] {error_report,<0.30.0>,
{<0.138.0>,std_error,
{mochiweb_socket_server,254,
{acceptor_error,{error,accept_failed}}}}}
==================================
Re: CouchDB SSL Issue, what is the deal with CouchDB error logs
Posted by Bade Iriabho <eb...@mathbiol.org>.
I thought the certificates may have been the issue but I wonder if that is
the case. I use the same cert files for regular https (i.e.
https://www.example.com with apache) and it works fine. I also tried the
test certificates from
https://github.com/mochi/mochiweb/tree/master/examples/https and got the
same error.
B.I.
On Thu, Dec 8, 2011 at 1:02 PM, Robert Newson <ro...@gmail.com>wrote:
> "ekeyfile" is the important part of that stacktrace and means "Own private
> key file is invalid."
>
> B.
>
> On 8 Dec 2011, at 12:23, Bade Iriabho wrote:
>
> > ekeyfile
>
>
Re: CouchDB SSL Issue, what is the deal with CouchDB error logs
Posted by Robert Newson <ro...@gmail.com>.
"ekeyfile" is the important part of that stacktrace and means "Own private key file is invalid."
B.
On 8 Dec 2011, at 12:23, Bade Iriabho wrote:
> ekeyfile