TLS with certs?


#1

Hi

I’m using Sync Gateway behind Nginx and using cookies for auth, which works fine for mobile client access.

I’d also quite like to be able to use something like CouchDB’s ssl_trusted_certificates_file for TLS connection from a peer databases. Does this already exist in Sync Gateway? I know it has HTTPS support.

I could maybe configure Nginx to accept only signed certs on another port and proxy to 4985 but it feels a little wrong to expose the admin port like that, one config typo and booom!

any suggestions?


#2

Settled on using basic auth over https as it has the advantage of authentication as well as authorisation.