Uploaded image for project: 'Couchbase Documentation'
  1. Couchbase Documentation
  2. DOC-10229

Configure Server Certificates chapter needs to be improved



    • Improvement
    • Resolution: Fixed
    • Major
    • None
    • 7.1.1
    • core-server
    • None
    • DOC-2022-S15
    • 1


      The following section of the documentation needs to improved:


      • it mentions "The steps and descriptions below assume that the previous procedure, Cluster Protection with Root and Node Certificates, has already been successfully completed;"

      Not sure why, since the procedure seems to start from scratch.

      • Also, wouldn't it have been possible to have one common procedure, and just mention the steps that can be skipped if user doesn't use intermediates?
      • Based on a chat with Timofey, the doc assumes the following scenario regarding the chain:

         node cert      <- intermediate CA 1 <- root CA
        (in chain.pem)     (in chain.pem)     (trusted)

        However it should also cover the following possible chain:

         node cert      <- intermediate CA 1 <- root CA
        (in chain.pem)     (trusted)     (trusted)


      • It would be useful to have some explanation regarding when to choose a combination over the other, and why
      • More need to be said about the case where users are using their own certificates. The short section "Using an Externally Provided Root Certificate" needs to be expanded to more clearly show what the user is supposed to do in that situation (maybe some example would help)
      • A more detailed coverage of the UI (Security screen) would be useful (especially for people who used the previous versions of Couchbase where the interface looked different)



        No reviews matched the request. Check your Options in the drop-down menu of this sections header.



            tony.hillman Tony Hillman (Inactive)
            jean.randriam Jean Randriam
            0 Vote for this issue
            2 Start watching this issue



              Gerrit Reviews

                There are no open Gerrit changes