Uploaded image for project: 'Couchbase Server'
  1. Couchbase Server
  2. MB-48113

cbdocloader does not work with no-ssl-verify flag

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Major
    • 7.0.2
    • 7.0.2
    • tools
    • Untriaged
    • 1
    • Unknown

    Description

      7.0.2-6577

      Install 7.0.2-6577 and init the cluster
      Enforce tls with following:
      [root@node2-cb700-beta-centos7 bin]# ./couchbase-cli setting-autofailover -c http://localhost:8091 -u Administrator -p password --enable-auto-failover 0
      SUCCESS: Auto-failover settings modified
      [root@node2-cb700-beta-centos7 bin]# ./couchbase-cli node-to-node-encryption -c http://localhost:8091 -u Administrator -p password --enable
      Turned on encryption for node: http://[::1]:8091
      SUCCESS: Switched node-to-node encryption on
      [root@node2-cb700-beta-centos7 bin]# ./couchbase-cli setting-security -c http://localhost:8091 -u Administrator -p password --set --cluster-encryption-level strict
      SUCCESS: Security settings updated
      [root@node2-cb700-beta-centos7 bin]# cd /opt/couchbase/var/lib/couchbase/logs/

      Create default bucket
      Try to load data into it with cbdocloader:
      [root@node2-cb700-beta-centos7 bin]# ./cbdocloader -c https://10.112.210.102:18091 -u Administrator -p password -b default -d /opt/couchbase/samples/travel-sample.zip -m 512
      WARNING: cbdocloader is deprecated
      2021-08-23T21:28:04.588-07:00 ERRO: (REST) (Attempt 1) (GET) Failed to dispatch request to 'https://10.112.210.102:18091/pools/default/nodeServices': Get "https://10.112.210.102:18091/pools/default/nodeServices": x509: certificate signed by unknown authority – rest.(*Request).execute() at request.go:228
      JSON import failed: Get "https://10.112.210.102:18091/pools/default/nodeServices": x509: certificate signed by unknown authority

      If you are using self-signed certificates you can re-run this command with
      the --no-ssl-verify flag. Note however that disabling ssl verification
      means that cbbackupmgr will be vulnerable to man-in-the-middle attacks.

      For the most secure access to Couchbase make sure that you have X.509
      certificates set up in your cluster and use the --cacert flag to specify
      your client certificate.

      Try again with no-ssl-verify flag:
      [root@node2-cb700-beta-centos7 bin]# ./cbdocloader -c https://10.112.210.102:18091 -u Administrator -p password -b default -d /opt/couchbase/samples/travel-sample.zip -m 512 -no-ssl-verify
      Unknown flag: -no-ssl-verify

      cbdocloader [<args>]

      Required Flags:

      c,-cluster The hostname of the Couchbase cluster
      u,-username The username of the Couchbase cluster
      p,-password The password of the Couchbase cluster
      b,-bucket The bucket name to load the json data into
      m,-bucket-quota The bucket memory quota
      d,-dataset The location of the json data

      Optional Flags:

      t,-threads The amount of parallelism use (Default is 1)
      v,-verbose Enable logging to stdout
      h,-help Prints the help message

      Same works fine with cbbackupmgr

      Attachments

        No reviews matched the request. Check your Options in the drop-down menu of this sections header.

        Activity

          People

            arunkumar Arunkumar Senthilnathan (Inactive)
            arunkumar Arunkumar Senthilnathan (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Gerrit Reviews

                There are no open Gerrit changes

                PagerDuty