Sync Gateway Community 1.1 with wildcard SSL

#1

Hi,

I am using Couchbase 3.0.1 community and sync gateway 1.1 community and using wild card SSL and it is not working and would like to know if it supports wild card SSL (*.example.com) certificate?

If i access from web browser it works but not from mobile app.

Thanks,
Kaurnakar

#2

I don’t see any mention of wildcard SSL in our docs:

http://developer.couchbase.com/mobile/develop/guides/sync-gateway/deployment/in-production/index.html#transport-layer-security

@jamiltz any ideas?

#3

@Karunakar

We use a wildcard SSL cert with our demo cluster:

https://demo-mobile.couchbase.com

But this is terminated at an nginx proxy not at Sync Gateway.

Depending on which CA you got your cert from you may have to merge in the root certificates as mobile device OS’s do not ship with the same root cert set as desktop browsers.

We had issues on our demo cluster with a Go Daddy Cert and Android OS, to resolve this we merged the GoDaddy intermediate/root certs into our domain certificate .pem file.

On Linux you can use openssl to validate a remote certificate chain e.g.

openssl s_client -showcerts -connect demo-mobile.couchbase.com:443
#4

Hi Andy,

Thank you very much and i will give it a try with merging with Intermediate ca and root certificate to our domain and inform you if it works.

Thanks,
Karunakar

#5

Thanks Andy,

It is working after i have installed root certificate on iphone and android app but as you mentioned if i use load balance then it is not required to install root certificate on app.

Seems all good and some times it fails to replicate data so need to figure out that and another thing sync gatway runs very slow.

Thanks,
Karunakar Reddy