Uploaded image for project: 'Couchbase Go SDK'
  1. Couchbase Go SDK
  2. GOCBC-1183

SSL certificates are not verified if no root CAs are supplied

    XMLWordPrintable

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.3.2
    • 2.3.3
    • library
    • None
    • 1

    Description

      I expect this code to fail with an SSL cert couldn't be verified error but it succeeds. From wireshark I saw it was definitely communicating over the secure ports.

      package main
       
      import (
      	"log"
      	"time"
       
      	"github.com/couchbase/gocb/v2"
      )
       
      func main() {
      	var passAuth = gocb.PasswordAuthenticator{
      		Username: "Administrator",
      		Password: "password",
      	}
       
      	cluster, err := gocb.Connect("couchbases://172.23.111.128", gocb.ClusterOptions{Authenticator: passAuth, SecurityConfig: gocb.SecurityConfig{
      		TLSSkipVerify: false,
      	}})
       
      	if err != nil {
      		log.Fatal(err)
      	}
       
      	err = cluster.WaitUntilReady(5*time.Second, &gocb.WaitUntilReadyOptions{})
       
      	if err != nil {
      		log.Fatal(err)
      	}
      }
      

      GOCB 16:59:09.930972 agentgroup.go:26: SDK Version: gocbcore/v10.0.3
      GOCB 16:59:09.931236 agentgroup.go:27: Creating new agent group: &{AgentConfig:{BucketName: UserAgent:gocb/v2.3.2 SeedConfig:{HTTPAddrs:[172.23.111.128:18091] MemdAddrs:[172.23.111.128:11207]} SecurityConfig:{UseTLS:true TLSRootCAProvider:0x1316b60 InitialBootstrapNonTLS:false Auth:0xc000099960 AuthMechanisms:[]} CompressionConfig:{Enabled:false DisableDecompression:false MinSize:0 MinRatio:0} ConfigPollerConfig:{HTTPRedialPeriod:0s HTTPRetryDelay:0s HTTPMaxWait:0s CccpMaxWait:0s CccpPollPeriod:0s} IoConfig:{NetworkType: UseMutationTokens:true UseDurations:true UseOutOfOrderResponses:true DisableXErrorHello:false DisableJSONHello:false DisableSyncReplicationHello:false EnablePITRHello:false UseCollections:true} KVConfig:{ConnectTimeout:10s PoolSize:0 MaxQueueSize:0} HTTPConfig:{MaxIdleConns:0 MaxIdleConnsPerHost:0 IdleConnectionTimeout:0s} DefaultRetryStrategy:0xc000099820 CircuitBreakerConfig:{Enabled:true VolumeThreshold:0 ErrorThresholdPercentage:0 SleepWindow:0s RollingWindow:0s CompletionCallback:<nil> CanaryTimeout:0s} OrphanReporterConfig:{Enabled:true ReportInterval:0s SampleSize:0} TracerConfig:{Tracer:0xc000099840 NoRootTraceSpans:true} MeterConfig:{Meter:<nil>}}}
      GOCB 16:59:09.931260 agent.go:76: SDK Version: gocbcore/v10.0.3
      GOCB 16:59:09.931287 agent.go:77: Creating new agent: &{BucketName: UserAgent:gocb/v2.3.2 SeedConfig:{HTTPAddrs:[172.23.111.128:18091] MemdAddrs:[172.23.111.128:11207]} SecurityConfig:{UseTLS:true TLSRootCAProvider:0x1316b60 InitialBootstrapNonTLS:false Auth:0xc000099960 AuthMechanisms:[]} CompressionConfig:{Enabled:false DisableDecompression:false MinSize:0 MinRatio:0} ConfigPollerConfig:{HTTPRedialPeriod:0s HTTPRetryDelay:0s HTTPMaxWait:0s CccpMaxWait:0s CccpPollPeriod:0s} IoConfig:{NetworkType: UseMutationTokens:true UseDurations:true UseOutOfOrderResponses:true DisableXErrorHello:false DisableJSONHello:false DisableSyncReplicationHello:false EnablePITRHello:false UseCollections:true} KVConfig:{ConnectTimeout:10s PoolSize:0 MaxQueueSize:0} HTTPConfig:{MaxIdleConns:0 MaxIdleConnsPerHost:0 IdleConnectionTimeout:0s} DefaultRetryStrategy:0xc000099820 CircuitBreakerConfig:{Enabled:true VolumeThreshold:0 ErrorThresholdPercentage:0 SleepWindow:0s RollingWindow:0s CompletionCallback:<nil> CanaryTimeout:0s} OrphanReporterConfig:{Enabled:true ReportInterval:0s SampleSize:0} TracerConfig:{Tracer:0xc000099840 NoRootTraceSpans:true} MeterConfig:{Meter:<nil>}}
      GOCB 16:59:09.931621 memdpipelineclient.go:207: Pipeline Client `172.23.111.128:11207/0xc00011bab0` preparing for new client loop
      GOCB 16:59:09.931636 memdpipelineclient.go:220: Pipeline Client `172.23.111.128:11207/0xc00011bab0` retrieving new client connection for parent 0xc0000b6870
      GOCB 16:59:09.931645 cccpcfgcontroller.go:81: CCCP Looper starting.
      GOCB 16:59:09.931601 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.931697 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.931759 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.931758 retry.go:176: Will retry request. Backoff=1ms, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.931778 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.931791 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.931805 retry.go:176: Will retry request. Backoff=10ms, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.931826 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.931831 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.931836 retry.go:176: Will retry request. Backoff=50ms, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.931777 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.931884 retry.go:176: Will retry request. Backoff=100ms, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.932902 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.932915 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.932926 retry.go:176: Will retry request. Backoff=500ms, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.944055 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.944076 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.944087 retry.go:176: Will retry request. Backoff=1s, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:09.985558 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:09.985602 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:09.985614 retry.go:176: Will retry request. Backoff=1s, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:10.035191 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:10.035220 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:10.035234 retry.go:176: Will retry request. Backoff=1s, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:10.251097 memdclient.go:624: Memdclient `172.23.111.128:11207/0xc000348000` Fetching cluster client data
      GOCB 16:59:10.437224 diagnosticscomponent.go:648: Bootstrap error found before config seen: <nil>
      GOCB 16:59:10.437293 diagnosticscomponent.go:663: No config seen yet in http muxer but no errors found.
      GOCB 16:59:10.437322 retry.go:176: Will retry request. Backoff=1s, OperationID=waituntilready. Reason=NOT_READY
      GOCB 16:59:10.712696 errmapcomponent.go:37: Fetched error map: &{Version:1 Revision:4 Errors:map[0:{Name:SUCCESS Description:Success Attributes:[success] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 1:{Name:KEY_ENOENT Description:Not Found Attributes:[item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 2:{Name:KEY_EEXISTS Description:key already exists, or CAS mismatch Attributes:[item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 3:{Name:E2BIG Description:Value is too big Attributes:[item-only invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 4:{Name:EINVAL Description:Invalid packet Attributes:[internal invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 5:{Name:NOT_STORED Description:Not Stored Attributes:[internal item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 6:{Name:DELTA_BADVAL Description:Existing document not a number Attributes:[item-only invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 7:{Name:NOT_MY_VBUCKET Description:Server does not know about this vBucket Attributes:[fetch-config invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 8:{Name:NO_BUCKET Description:Not connected to any bucket Attributes:[conn-state-invalidated] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 9:{Name:LOCKED Description:Requested resource is locked Attributes:[item-locked item-only retry-now] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 10:{Name:STREAM_NOT_FOUND Description:Stream not found Attributes:[conn-state-invalidated] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 11:{Name:OPAQUE_NO_MATCH Description:Opaque does not match Attributes:[conn-state-invalidated] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 31:{Name:AUTH_STALE Description:Reauthentication required Attributes:[conn-state-invalidated auth] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 32:{Name:AUTH_ERROR Description:Authentication failed Attributes:[conn-state-invalidated auth] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 33:{Name:AUTH_CONTINUE Description:Continue authentication processs Attributes:[special-handling] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 34:{Name:ERANGE Description:Invalid range requested Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 35:{Name:ROLLBACK Description:Rollback Attributes:[dcp special-handling] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 36:{Name:EACCESS Description:Not authorized for command Attributes:[support] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 37:{Name:NOT_INITIALIZED Description:Server not initialized Attributes:[conn-state-invalidated] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 128:{Name:UNKNOWN_FRAME_INFO Description:Unknown frame info identifier encountered. Maybe a newer server version knows about it Attributes:[support] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 129:{Name:UNKNOWN_COMMAND Description:Unknown command. Maybe a newer server version knows about it Attributes:[support] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 130:{Name:ENOMEM Description:No memory available to store item. Add memory or remove some items and try later Attributes:[temp retry-later] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 131:{Name:NOT_SUPPORTED Description:Command not supported with current bucket type/configuration Attributes:[support] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 132:{Name:EINTERNAL Description:Internal error. Reconnect recommended Attributes:[internal conn-state-invalidated] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 133:{Name:EBUSY Description:Busy, try again Attributes:[temp retry-now] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 134:{Name:ETMPFAIL Description:Temporary failure. Try again Attributes:[temp retry-now] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 135:{Name:XATTR_EINVAL Description:Invalid extended attribute Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 136:{Name:UNKNOWN_COLLECTION Description:Operation specified an unknown collection. Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 137:{Name:NO_COLLECTIONS_MANIFEST Description:No collections manifest has been set. Attributes:[retry-later] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 138:{Name:CANNOT_APPLY_COLLECTIONS_MANIFEST Description:The manifest cannot applied to the bucket's vbuckets. Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 140:{Name:UNKNOWN_SCOPE Description:Operation specified an unknown scope. Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 141:{Name:DCP stream-ID invalid Description:Operations stream-ID usage is incorrect. Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 160:{Name:DurabilityInvalidLevel Description:Durability level is invalid Attributes:[invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 161:{Name:DurabilityImpossible Description:Durability requirements are impossible to achieve Attributes:[item-only invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 162:{Name:SyncWriteInProgress Description:The requested key has a pending synchronous write Attributes:[item-only retry-later] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 163:{Name:SyncWriteAmbiguous Description:The SyncWrite request has not completed in the specified time and has ambiguous result - it may Succeed or Fail; but the final value is not yet known Attributes:[item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 164:{Name:SyncWriteReCommitInProgress Description:The requested key has a SyncWrite which is being re-committed. Attributes:[item-only retry-later] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 192:{Name:SUBDOC_PATH_ENOENT Description:Subdoc: Path not found in document Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 193:{Name:SUBDOC_PATH_MISMATCH Description:Subdoc: Path and document disagree on structure Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 194:{Name:SUBDOC_PATH_EINVAL Description:Subdoc: Invalid path (bad syntax or unacceptable semantics for command Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 195:{Name:SUBDOC_PATH_E2BIG Description:Subdoc: Path size exceeds limit Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 196:{Name:SUBDOC_PATH_E2DEEP Description:Subdoc: Path is too deep to be parsed Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 197:{Name:SUBDOC_VALUE_CANTINSERT Description:Subdoc: Value invalid for insertion Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 198:{Name:SUBDOC_DOC_NOTJSON Description:Subdoc: Document not JSON Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 199:{Name:SUBDOC_NUM_ERANGE Description:Subdoc: Existing numeric value is not within range Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 200:{Name:SUBDOC_DELTA_EINVAL Description:Subdoc: Invalid value passed for delta (out of range, or not an integer Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 201:{Name:SUBDOC_PATH_EEXISTS Description:Subdoc: Path already exists Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 202:{Name:SUBDOC_VALUE_ETOODEEP Description:Subdoc: Value is too deep, or would make the document too deep Attributes:[subdoc invalid-input item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 203:{Name:SUBDOC_INVALID_COMBO Description:Subdoc: Lookup and mutation commands found within single packet Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 204:{Name:SUBDOC_MULTI_PATH_FAILURE Description:Subdoc: Some (or all) commands failed. Inspect payload for details Attributes:[subdoc special-handling] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 205:{Name:SUBDOC_SUCCESS_DELETED Description:Subdoc: Success, but the affected document was (and still is) deleted Attributes:[item-deleted success subdoc] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 206:{Name:SUBDOC_XATTR_INVALID_FLAG_COMBO Description:Subdoc: The flag combination doesn't make any sense Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 207:{Name:SUBDOC_XATTR_INVALID_KEY_COMBO Description:Subdoc: The key combination of the xattrs is not allowed Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 208:{Name:SUBDOC_XATTR_UNKNOWN_MACRO Description:Subdoc: The server don't know about the specified macro Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 209:{Name:SUBDOC_XATTR_UNKNOWN_VATTR Description:Subdoc: The server don't know about the specified virtual attribute Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 210:{Name:SUBDOC_XATTR_CANT_MODIFY_VATTR Description:Subdoc: Can't modify virtual attributes Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 211:{Name:SUBDOC_MULTI_PATH_FAILURE_DELETED Description:Subdoc: One or more paths in a multi-path command failed on a deleted document Attributes:[item-deleted subdoc special-handling] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 212:{Name:SUBDOC_INVALID_XATTR_ORDER Description:Subdoc: Invalid XATTR order (xattrs should come first) Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 213:{Name:SUBDOC_XATTR_UNKNOWN_VATTR_MACRO Description:Subdoc: The server don't know about (or support) the specified virtual macro Attributes:[subdoc invalid-input] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 214:{Name:SUBDOC_CAN_ONLY_REVIVE_DELETED_DOCUMENTS Description:Subdoc: Only deleted documents can be revived Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}} 215:{Name:SUBDOC_DELETED_DOCUMENT_CANT_HAVE_VALUE Description:Subdoc: A deleted document can't have a value Attributes:[subdoc item-only] Retry:{Strategy: Interval:0 After:0 Ceil:0 MaxDuration:0}}]}
      GOCB 16:59:10.713326 memdclient.go:706: Memdclient `172.23.111.128:11207/0xc000348000` Server supported auth mechanisms: [SCRAM-SHA512 SCRAM-SHA256 SCRAM-SHA1 PLAIN]
      GOCB 16:59:10.713363 memdclient.go:781: Memdclient `172.23.111.128:11207/0xc000348000` Authenticated successfully
      GOCB 16:59:10.713392 memdclient.go:794: Memdclient `172.23.111.128:11207/0xc000348000` Client Features: [2 6 8 7 11 4 15 18 14 16 23 25 20 17]
      GOCB 16:59:10.713405 memdclient.go:795: Memdclient `172.23.111.128:11207/0xc000348000` Server Features: [4 6 7 8 11 14 15 16 17 18 20 23 25]
      GOCB 16:59:10.713797 memdpipelineclient.go:249: Pipeline Client `172.23.111.128:11207/0xc00011bab0` starting new client loop for 0xc000348000
      GOCB 16:59:10.713835 memdpipelineclient.go:111: Pipeline client `172.23.111.128:11207/0xc00011bab0` IO loop starting...
      GOCB 16:59:10.713847 memdpipelineclient.go:116: Pipeline client `172.23.111.128:11207/0xc00011bab0` fetching new consumer
      GOCB 16:59:10.713938 memdpipelineclient.go:86: Pipeline client `172.23.111.128:11207/0xc00011bab0` client watcher starting...
      GOCB 16:59:10.866691 cccpcfgcontroller.go:146: CCCPPOLL: Got Block: {"rev":73,"nodesExt":[{"services":{"backupAPI":8097,"backupAPIHTTPS":18097,"backupGRPC":9124,"capi":8092,"capiSSL":18092,"cbas":8095,"cbasSSL":18095,"eventingAdminPort":8096,"eventingDebug":9140,"eventingSSL":18096,"fts":8094,"ftsGRPC":9130,"ftsGRPCSSL":19130,"ftsSSL":18094,"indexAdmin":9100,"indexHttp":9102,"indexHttps":19102,"indexScan":9101,"indexStreamCatchup":9104,"indexStreamInit":9103,"indexStreamMaint":9105,"kv":11210,"kvSSL":11207,"mgmt":8091,"mgmtSSL":18091,"n1ql":8093,"n1qlSSL":18093,"projector":9999},"thisNode":true}],"clusterCapabilitiesVer":[1,0],"clusterCapabilities":{"n1ql":["enhancedPreparedStatements"]},"revEpoch":1}
      GOCB 16:59:10.867061 cccpcfgcontroller.go:178: CCCPPOLL: Received new config
      GOCB 16:59:10.867132 configmanagement_component.go:54: Using network type default for connections
      GOCB 16:59:10.867150 configmanagement_component.go:129: Configuration data changed bucket type, switching.
      GOCB 16:59:10.867162 configmanagement_component.go:66: Sending out mux routing data (update)...
      GOCB 16:59:10.867252 configmanagement_component.go:67: New Routing Data:
      Revision ID: 73
      Revision Epoch: 1
      Capi Eps:
        - https://172.23.111.128:18092
      Mgmt Eps:
        - https://172.23.111.128:18091
      N1ql Eps:
        - https://172.23.111.128:18093
      FTS Eps:
        - https://172.23.111.128:18094
      CBAS Eps:
        - https://172.23.111.128:18095
      Eventing Eps:
        - https://172.23.111.128:18096
      GSI Eps:
        - https://172.23.111.128:19102
      Backup Eps:
        - https://172.23.111.128:18097
      VBMap: not-used
      KetamaMap: not-used
      GOCB 16:59:10.867304 kvmux.go:562: Draining queue &{address:172.23.111.128:11207 getClientFn:0x12f5b60 maxItems:2048 queue:0xc0000a8760 maxClients:1 clients:[] clientsLock:{state:0 sema:0}}
      GOCB 16:59:10.867321 clusteragent.go:139: Cluster agent applying config rev id: 73
      GOCB 16:59:10.867333 memdpipelineclient.go:116: Pipeline client `172.23.111.128:11207/0xc00011bab0` fetching new consumer
      

      Attachments

        For Gerrit Dashboard: GOCBC-1183
        # Subject Branch Project Status CR V

        Activity

          The issue here is https://github.com/couchbase/gocb/blob/master/client.go#L53-L61. When TLSSkipVerify is false then we return nil for in the gocbcore TLS callack,  if no TLSRootCAs are provided then that value also happens to be nil...

          Not sure how we're going to address this, probably if TLSSkipVerify is false and there are no root CAs then set the callback to return an empty pool.

          charles.dixon Charles Dixon added a comment - The issue here is https://github.com/couchbase/gocb/blob/master/client.go#L53-L61 . When TLSSkipVerify is false then we return nil for in the gocbcore TLS callack,  if no TLSRootCAs are provided then that value also happens to be nil... Not sure how we're going to address this, probably if TLSSkipVerify is false and there are no root CAs then set the callback to return an empty pool.

          People

            charles.dixon Charles Dixon
            jake.rawsthorne#1 Jake Rawsthorne [X] (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty