You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@couchdb.apache.org by co...@lechat.org on 2016/10/06 09:12:09 UTC
CouchDB 2.0 HTTPS won't start & crash
Hi,
I made a fresh installation of couchdb2.0 on Debian 4.9.2-10
Everything works fine with http 5984, great couchdb ! Thank you all for
your long and hard work !
But when I uncomment local.ini line :
httpsd = {couch_httpd, start_link, [https]}
and putting ssl cert_file and key_file path in config as described in docs,
couchdb won't start anymore and crash immediately with this log :
[error] 2016-10-06T08:43:32.412024Z couchdb@localhost <0.213.0> --------
Supervisor couch_secondary_services had child httpsd started with
couch_httpd:start_link(https) at undefined exit with reason
{'EXIT',{badarg,[{erlang,'++',[undefined,"."],[]},{couch_util,parse_term,1,[{file,"src/couch_util.erl"},{line,164}]},{couch_httpd,start_link,1,[{file,"src/couch_httpd.erl"},{line,46}]},{supervisor,do_start_child,2,[{file,"supervisor.erl"},{line,314}]},{supervisor,start_children,3,[{file,"supervisor.erl"},{line,297}]},{supervisor,init_children,2,[{file,"supervisor.erl"},{line,263}]},{gen_server,init_it,6,[{file,"gen_server.erl"},{line,306}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},...]}]}}
in context start_error
I'have triple checked all file permissions of cert files and path to be
sure the issue is not on this side.
Does somebody could point me in a direction to understand what is
happening ? Bad arg undefined '.' is not really understandable.
Thank you by advance if somebody can help.
Regards,
Thierry.
Re: CouchDB 2.0 HTTPS won't start & crash
Posted by co...@lechat.org.
ooppps, sure it's Debian 8.4 ... running in lxc container/pve 4.9.2-10
Regards,
Thierry
Le 06/10/2016 � 11:12, couchdb@lechat.org a �crit :
> Hi,
>
> I made a fresh installation of couchdb2.0 on Debian 4.9.2-10
> Everything works fine with http 5984, great couchdb ! Thank you all
> for your long and hard work !
>
> But when I uncomment local.ini line :
>
> httpsd = {couch_httpd, start_link, [https]}
>
> and putting ssl cert_file and key_file path in config as described in
> docs,
>
> couchdb won't start anymore and crash immediately with this log :
>
> [error] 2016-10-06T08:43:32.412024Z couchdb@localhost <0.213.0>
> -------- Supervisor couch_secondary_services had child httpsd started
> with couch_httpd:start_link(https) at undefined exit with reason
> {'EXIT',{badarg,[{erlang,'++',[undefined,"."],[]},{couch_util,parse_term,1,[{file,"src/couch_util.erl"},{line,164}]},{couch_httpd,start_link,1,[{file,"src/couch_httpd.erl"},{line,46}]},{supervisor,do_start_child,2,[{file,"supervisor.erl"},{line,314}]},{supervisor,start_children,3,[{file,"supervisor.erl"},{line,297}]},{supervisor,init_children,2,[{file,"supervisor.erl"},{line,263}]},{gen_server,init_it,6,[{file,"gen_server.erl"},{line,306}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},...]}]}}
> in context start_error
>
> I'have triple checked all file permissions of cert files and path to
> be sure the issue is not on this side.
>
>
> Does somebody could point me in a direction to understand what is
> happening ? Bad arg undefined '.' is not really understandable.
>
> Thank you by advance if somebody can help.
>
> Regards,
>
> Thierry.
Re: CouchDB 2.0 HTTPS won't start & crash
Posted by Robert Samuel Newson <rn...@apache.org>.
it does if you declare the right module;
you have;
httpsd = {couch_httpd, start_link, [https]}
but you need
httpsd = {chttpd, start_link, [https]}
B.
> On 8 Oct 2016, at 01:04, couchdb@lechat.org wrote:
>
> Hi Robert,
>
> Thanks a lot for your quick reply, I can confirm that this is now starting with these three settings in local.ini
>
> My plan is to put couchdb behind a load balancer, so I'm not worry abour ssllabs test but thank you for this information.
>
> One more things, httpds doesn't take in account the bind_adress directive put in [chttpd]. It stays with localhost.
> I tried to add bind_adress = 0.0.0.0 in [ssl] or in [chttpds] but no success.
>
> Is there another directive or section to bind ssl port 6984 to oustide world (-; ?
>
> Thank you again.
>
> Regrads,
>
> Thierry
>
>
> Le 07/10/2016 à 20:59, Robert Samuel Newson a écrit :
>> This is a bug in 2.0 that's been fixed already (COUCHDB-3162), but here's a workaround;
>>
>> in local.ini add;
>>
>> [ssl]
>> ciphers = undefined
>> tls_versions = undefined
>> secure_renegotiate = undefined
>>
>> This will give you the default settings. You can obviously customise these to suit.
>>
>> NOTE: the default cipher suite that erlang will give will not give you the best rating from ssllabs.com, you'll need to exclude weaker options to get to A- grade.
>>
>>
>>> On 6 Oct 2016, at 10:12, couchdb@lechat.org wrote:
>>>
>>> Hi,
>>>
>>> I made a fresh installation of couchdb2.0 on Debian 4.9.2-10
>>> Everything works fine with http 5984, great couchdb ! Thank you all for your long and hard work !
>>>
>>> But when I uncomment local.ini line :
>>>
>>> httpsd = {couch_httpd, start_link, [https]}
>>>
>>> and putting ssl cert_file and key_file path in config as described in docs,
>>>
>>> couchdb won't start anymore and crash immediately with this log :
>>>
>>> [error] 2016-10-06T08:43:32.412024Z couchdb@localhost <0.213.0> -------- Supervisor couch_secondary_services had child httpsd started with couch_httpd:start_link(https) at undefined exit with reason {'EXIT',{badarg,[{erlang,'++',[undefined,"."],[]},{couch_util,parse_term,1,[{file,"src/couch_util.erl"},{line,164}]},{couch_httpd,start_link,1,[{file,"src/couch_httpd.erl"},{line,46}]},{supervisor,do_start_child,2,[{file,"supervisor.erl"},{line,314}]},{supervisor,start_children,3,[{file,"supervisor.erl"},{line,297}]},{supervisor,init_children,2,[{file,"supervisor.erl"},{line,263}]},{gen_server,init_it,6,[{file,"gen_server.erl"},{line,306}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},...]}]}} in context start_error
>>>
>>> I'have triple checked all file permissions of cert files and path to be sure the issue is not on this side.
>>>
>>>
>>> Does somebody could point me in a direction to understand what is happening ? Bad arg undefined '.' is not really understandable.
>>>
>>> Thank you by advance if somebody can help.
>>>
>>> Regards,
>>>
>>> Thierry.
>
Re: CouchDB 2.0 HTTPS won't start & crash
Posted by co...@lechat.org.
Hi Robert,
Thanks a lot for your quick reply, I can confirm that this is now
starting with these three settings in local.ini
My plan is to put couchdb behind a load balancer, so I'm not worry abour
ssllabs test but thank you for this information.
One more things, httpds doesn't take in account the bind_adress
directive put in [chttpd]. It stays with localhost.
I tried to add bind_adress = 0.0.0.0 in [ssl] or in [chttpds] but no
success.
Is there another directive or section to bind ssl port 6984 to oustide
world (-; ?
Thank you again.
Regrads,
Thierry
Le 07/10/2016 20:59, Robert Samuel Newson a crit :
> This is a bug in 2.0 that's been fixed already (COUCHDB-3162), but here's a workaround;
>
> in local.ini add;
>
> [ssl]
> ciphers = undefined
> tls_versions = undefined
> secure_renegotiate = undefined
>
> This will give you the default settings. You can obviously customise these to suit.
>
> NOTE: the default cipher suite that erlang will give will not give you the best rating from ssllabs.com, you'll need to exclude weaker options to get to A- grade.
>
>
>> On 6 Oct 2016, at 10:12, couchdb@lechat.org wrote:
>>
>> Hi,
>>
>> I made a fresh installation of couchdb2.0 on Debian 4.9.2-10
>> Everything works fine with http 5984, great couchdb ! Thank you all for your long and hard work !
>>
>> But when I uncomment local.ini line :
>>
>> httpsd = {couch_httpd, start_link, [https]}
>>
>> and putting ssl cert_file and key_file path in config as described in docs,
>>
>> couchdb won't start anymore and crash immediately with this log :
>>
>> [error] 2016-10-06T08:43:32.412024Z couchdb@localhost <0.213.0> -------- Supervisor couch_secondary_services had child httpsd started with couch_httpd:start_link(https) at undefined exit with reason {'EXIT',{badarg,[{erlang,'++',[undefined,"."],[]},{couch_util,parse_term,1,[{file,"src/couch_util.erl"},{line,164}]},{couch_httpd,start_link,1,[{file,"src/couch_httpd.erl"},{line,46}]},{supervisor,do_start_child,2,[{file,"supervisor.erl"},{line,314}]},{supervisor,start_children,3,[{file,"supervisor.erl"},{line,297}]},{supervisor,init_children,2,[{file,"supervisor.erl"},{line,263}]},{gen_server,init_it,6,[{file,"gen_server.erl"},{line,306}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},...]}]}} in context start_error
>>
>> I'have triple checked all file permissions of cert files and path to be sure the issue is not on this side.
>>
>>
>> Does somebody could point me in a direction to understand what is happening ? Bad arg undefined '.' is not really understandable.
>>
>> Thank you by advance if somebody can help.
>>
>> Regards,
>>
>> Thierry.
Re: CouchDB 2.0 HTTPS won't start & crash
Posted by Robert Samuel Newson <rn...@apache.org>.
This is a bug in 2.0 that's been fixed already (COUCHDB-3162), but here's a workaround;
in local.ini add;
[ssl]
ciphers = undefined
tls_versions = undefined
secure_renegotiate = undefined
This will give you the default settings. You can obviously customise these to suit.
NOTE: the default cipher suite that erlang will give will not give you the best rating from ssllabs.com, you'll need to exclude weaker options to get to A- grade.
> On 6 Oct 2016, at 10:12, couchdb@lechat.org wrote:
>
> Hi,
>
> I made a fresh installation of couchdb2.0 on Debian 4.9.2-10
> Everything works fine with http 5984, great couchdb ! Thank you all for your long and hard work !
>
> But when I uncomment local.ini line :
>
> httpsd = {couch_httpd, start_link, [https]}
>
> and putting ssl cert_file and key_file path in config as described in docs,
>
> couchdb won't start anymore and crash immediately with this log :
>
> [error] 2016-10-06T08:43:32.412024Z couchdb@localhost <0.213.0> -------- Supervisor couch_secondary_services had child httpsd started with couch_httpd:start_link(https) at undefined exit with reason {'EXIT',{badarg,[{erlang,'++',[undefined,"."],[]},{couch_util,parse_term,1,[{file,"src/couch_util.erl"},{line,164}]},{couch_httpd,start_link,1,[{file,"src/couch_httpd.erl"},{line,46}]},{supervisor,do_start_child,2,[{file,"supervisor.erl"},{line,314}]},{supervisor,start_children,3,[{file,"supervisor.erl"},{line,297}]},{supervisor,init_children,2,[{file,"supervisor.erl"},{line,263}]},{gen_server,init_it,6,[{file,"gen_server.erl"},{line,306}]},{proc_lib,init_p_do_apply,3,[{file,"proc_lib.erl"},...]}]}} in context start_error
>
> I'have triple checked all file permissions of cert files and path to be sure the issue is not on this side.
>
>
> Does somebody could point me in a direction to understand what is happening ? Bad arg undefined '.' is not really understandable.
>
> Thank you by advance if somebody can help.
>
> Regards,
>
> Thierry.