Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-48068

Each Refresh get SSL host/port

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 7.1.0, 7.0.2
    • 7.1.0, 7.0.2
    • query
    • None
    • Untriaged
    • 1
    • Unknown

    Description

      When SSL enabled the certificates will have actual host name.
      NS server passes cbq-engine local host. But for gocbcore we need to pass actual hostname in the certificates.
      We use to get hostname once at the start use that. Unfortunately that will not work the following case.
      bring single node cluster, hostname is local host
      enable encryption
      use transactions will work
      now add another node. The local hostname is changed to actual ip
      now transactions will not work.

      Solution: Each time certificates refresh get hostname and use that

      Attachments

        For Gerrit Dashboard: MB-48068
        # Subject Branch Project Status CR V

        Activity

          Build couchbase-server-7.0.2-6549 contains query commit 7df75f0 with commit message:
          MB-48068. Each TLS refresh get SSL host/port

          build-team Couchbase Build Team added a comment - Build couchbase-server-7.0.2-6549 contains query commit 7df75f0 with commit message: MB-48068 . Each TLS refresh get SSL host/port

          Build couchbase-server-7.1.0-1177 contains query commit fffbc5b with commit message:
          MB-48068. Each TLS refresh get SSL host/port

          build-team Couchbase Build Team added a comment - Build couchbase-server-7.1.0-1177 contains query commit fffbc5b with commit message: MB-48068 . Each TLS refresh get SSL host/port

          Verified on 7.0.2-6549 and 7.1.0-1177.

          1. Setup single node with strict mode
          2. Run n1ql transaction successfully
          3. Add new node and rebalance
          4. Run n1ql transaction successfully

          Prior to fix would see in step 4:

               "errors": [
                  {
                      "cause": {
                          "cause": {
                              "-": {
                                  "InnerError": {
                                      "InnerError": {},
                                      "Message": "unambiguous timeout"
                                  }
                              },
                              "i": "0x0",
                              "s": "LookupIn",
                              "t": 2501251
                          },
                          "raise": "failed",
                          "retry": true,
                          "rollback": true
                      },
                      "code": 17017,
                      "msg": "Transaction fetch error"
                  }
              ],

           

          pierre.regazzoni Pierre Regazzoni added a comment - Verified on 7.0.2-6549 and 7.1.0-1177. Setup single node with strict mode Run n1ql transaction successfully Add new node and rebalance Run n1ql transaction successfully Prior to fix would see in step 4:     "errors" : [         {             "cause" : {                 "cause" : {                     "-" : {                         "InnerError" : {                             "InnerError" : {},                             "Message" : "unambiguous timeout"                         }                     },                     "i" : "0x0" ,                     "s" : "LookupIn" ,                     "t" : 2501251                 },                 "raise" : "failed" ,                 "retry" : true ,                 "rollback" : true             },             "code" : 17017 ,             "msg" : "Transaction fetch error"         }     ],  

          People

            pierre.regazzoni Pierre Regazzoni
            Sitaram.Vemulapalli Sitaram Vemulapalli
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty