I have sync_gateway and couchbase running on amazon AWS. How can I get set up to use SSL with couchbase and sync_gateway? I'm currently running couchbase on port 8091 and gateway on 4984.
I read here (https://github.com/couchbase/sync_gateway/wiki/SSL-support) that I could use "SSLCert":"/home/ec2-user/ssl/server.crt", and "SSLKey":"/home/ec2-user/ssl/server.key" in config.json in order to have sync_gateway use SSL, but it doesn't see to be working. Is the code for sync_gateway on the Amazon bundle too old for that ability? I created my own server.crt and server.key using open ssl as described here (http://www.akadia.com/services/ssh_test_certificate.html). I converted the .crt file to .pem using openssl as well. I opened port 443 on my ec2 instance but I'm not sure if I need to do more with the ports?
I use curl to to access the sync gateway from a remote machine like this :
curl -X GET http://username:email@example.com:4984/sync_gateway/group:100
I get expected result. However when I use this curl command with https I get an error:
curl -X GET https://username:firstname.lastname@example.org:4984/sync_gateway/group:100
I get an error message like this:
curl: (35) Unknown SSL protocol error in connection to ec2-instance.compute-1.amazonaws.com:-9800
Also, Is there a way to run couchbase using SSL? Can you offer me suggestions for getting this going? Thanks
I downloaded and configured sync gateway to verify using SSL on my local machine with the self signed certificates I created. This worked. I noticed that the capability to configure the sync gateway with SSL was added just 5 months ago. I think the version that comes with the Amazon bundle does not have the updated sync gateway and I'm guessing that's why I couldn't get it to work. I pulled down the latest sync gateway on me ec2 instance with this command wget http://packages.couchbase.com/releases/couchbase-sync-gateway/1.0-beta/couchbase-sync-gateway-community_1.0-beta2_x86.rpm. I ran the new version of sync gateway under /opt/couchbase-sync-gateway/bin/sync_gateway using my same config.json and certs and it worked with SSL.