Uploaded image for project: 'Couchbase Gateway'
  1. Couchbase Gateway
  2. CBG-1643

Add additional context for gocb errors when using self-signed cert

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Blocker
    • 3.0
    • None
    • SyncGateway
    • Security Level: Public
    • None
    • CBG Sprint 81
    • 5

    Description

      When using self-signed cert but not setting tls_skip_verify, SG will retry the connection, logging a warning like:

      2021-08-20T13:26:33.888-07:00 [WRN] gocb: Pipeline Client 0xc00010e6c0 failed to bootstrap: x509: certificate signed by unknown authority -- base.GoCBCoreLogger.Log() at logger_external.go:792021-08-20T13:26:36.885-07:00 [WRN] gocb: CCCPPOLL: Failed to retrieve CCCP config. x509: certificate signed by unknown authority -- base.GoCBCoreLogger.Log() at logger_external.go:79

      It would be ideal to include information about the tls_skip_verify property here, to help users identify the fix if they are in fact trying to run with a self-signed cert.

       

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            jacques.rascagneres Jacques Rascagneres
            adamf Adam Fraser
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty