Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-1337

Add an option to skip SSL certificates verification while loading JavaScript from HTTPS endpoints

    XMLWordPrintable

Details

    • Improvement
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.0
    • 3.0
    • SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 68, CBG Sprint 69, CBG Sprint 70
    • 3

    Description

      Sync Gateway supports loading JavaScript content from external HTTP/HTTPs endpoints. In case of an HTTPS endpoint, the underlying SSL connection attempted to be made secure by using the CA certificate bundle installed on the SG node by default. This means that you may encounter an SSL verification error when you try to load JavaScript from external HTTPS endpoints with the SSL certificates that are misconfigured, expired, or self-signed. We should have a mechanism to force SG to ignore the certificate errors by specifying the remote_config_tls_skip_verify option in the database configuration. SG should ignore the SSL checks when initiating the connection by using the remote_config_tls_skip_verify option and you should be able to bypass any SSL error that any external JavaScript endpoint might have.

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            sarath.kumarsivan Sarath Kumar Sivan (Inactive)
            sarath.kumarsivan Sarath Kumar Sivan (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty