Uploaded image for project: 'Couchbase Go SDK'
  1. Couchbase Go SDK
  2. GOCBC-1162

Initial bootstrap of SDK should allow nonTLS connection when UseTLS is true

    XMLWordPrintable

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • core-9.1.7, core-10.0.3
    • None
    • None
    • None
    • 1

    Description

      For localhost connections ns_server supplies server teams like FTS the local address as 127.0.0.1 but supplies the certificate as the external IP for the node. This means that when UseTLS is set to true and the service tries to initially bootstrap then connections fail because the certificate does not match the address being used.

      We should add a way that allows UseTLS to be set but performs the initial bootstrap without using TLS, that way we will establish the initial connection, fetch a config, and then (re)build all the connections using TLS.

      This is interim functionality until we can add a feature to allow all localhost connections to be done over nonTLS whilst all other connections do use TLS.

      Attachments

        Issue Links

          blocks

          Bug - A problem which impairs or prevents the functions of the product. MB-47901 FTS not indexing documents when node-to-node encryption enabled

          • Test Blocker - QE-related tests can't proceed
          • Closed
          No reviews matched the request. Check your Options in the drop-down menu of this sections header.

          Activity

            People

              charles.dixon Charles Dixon
              charles.dixon Charles Dixon
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                PagerDuty