How to bypass tls certificate verification by using couchbase cli

Hi Team,

i am create new couchbase cluster with version 6.5.1. so while adding node to cluster i am getting below error where as in 5.5.3 i did not get below error while adding node to cluster. please suggest is there way to bypass tls verification by couchbase cli.

ERROR:
--password password --server-add 10.102.0.94:8091 --server-add-username Administrator --server-add-password password --services data
e[0me[0mmodule.couchbase_cluster.null_resource.create_cluster[2] (remote-exec): ERROR: Prepare join failed. Failed to establish TLS connection to 10.102.0.16:8091. Please check that you are connecting to a TLS / HTTPS endpoint.
e[0me[0mmodule.couchbase_cluster.null_resource.create_cluster[1] (remote-exec): ERROR: Prepare join failed. Failed to establish TLS connection to 10.102.0.160:8091. Please check that you are connecting to a TLS / HTTPS endpoint.
e[0me[0mmodule.couchbase_cluster.null_resource.create_cluster[3] (remote-exec): ERROR: Prepare join failed. Failed to establish TLS connection to 10.102.0.69:8091. Please check that you are connecting to a TLS / HTTPS endpoint.
e[0me[0mmodule.couchbase_cluster.null_resource.create_cluster[0] (remote-exec): ERROR: Prepare join failed. Failed to establish TLS connection to 10.102.0.94:8091. Please check that you are connecting to a TLS / HTTPS endpoint.

command i am using:

 /opt/couchbase/bin/couchbase-cli server-add -c $master_node:8091 -u Administrator \
     --password password \
     --server-add $new_node:8091 \
     --server-add-username Administrator --server-add-password password \
     --services $service

Hello,

Try prefixing http:// on the new_node:

/opt/couchbase/bin/couchbase-cli server-add -c $master_node:8091 -u Administrator \
--password password \
--server-add http://$new_node:8091\
--server-add-username Administrator --server-add-password password \
--services $service```

Thanks Pvarley. it worked.
one doubt that if we add http :// on new node can we access couchbase ui?

Yes the UI can still be accessed. To explain why it works with “http” is because by default in the newer versions of Couchbase Server it will try to be secure and use TLS (https).

Thank you Pvarley for your explanation.

in new version couchbase UI when i click on “Add Server” section it is showing me some message which is hi-lighted in attached screenshot and the same warning is not coming in older couchbase versions.

please suggest me if you have any idea on that if it is not ignorable warning.

New Version:

old Version:

Since you asked “How to bypass tls certificate verification by using couchbase cli” I assume you still want to use TLS.

As such it would be better to invoke as follows and use TLS by putting https:// in front of 10.102.0.94 and changing your port to the secure one 18091.

Below I give a bucket creation example

    couchbase-cli bucket-create -c https://localhost:18091 \
            -u $CB_USERNAME -p $CB_PASSWORD  \
            --bucket=bulk  \
            --bucket-type=couchbase  \
            --bucket-eviction-policy fullEviction \
            --bucket-ramsize=500  \
            --bucket-replica=0  \
            --enable-flush=1  \
            --wait

If your certificate is “self-signed” add the flag “–no-ssl-verify”

    couchbase-cli bucket-create -c https://localhost:18091 --no-ssl-verify \
            -u $CB_USERNAME -p $CB_PASSWORD  \
            --bucket=bulk  \
            --bucket-type=couchbase  \
            --bucket-eviction-policy fullEviction \
            --bucket-ramsize=500  \
            --bucket-replica=0  \
            --enable-flush=1  \
            --wait