diff options
author | Robert Newson <rnewson@apache.org> | 2010-07-26 17:21:30 +0000 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2010-07-26 17:21:30 +0000 |
commit | 4b0948ddb3a428f8a5330e05745b2fbd4ccf9375 (patch) | |
tree | 5ab1dde286028653d5569ceae6dfc883fa365b7a /etc/couchdb | |
parent | cd214b23e8129868d4a7020ddafd55a16e496652 (diff) |
Add SSL support to CouchDB.
To enable SSL you need to do three things;
1) enable the httpsd daemon in local.ini (you can just uncomment the line).
2) supply your PEM-encoded cert and key files in the [ssl] section.
3) start CouchDB.
CouchDB will now, in addition to handling HTTP on port 5984, accept SSL connections on port 6984.
The patch itself adds SSL support by updating the local version of Mochiweb to the latest. The upstream release includes our local tweak to support large numbers and to handle Accept-Encoding headers. Our local Mochiweb fork changed the default idle timeout from 10 seconds to 5 minutes, and it was agreed on #irc to revert this change.
The only tweaks to Mochiweb were in mochiweb.app.src (to record the git commit I built from) and the removal of Makefile (replaced by Makefile.am).
Futon received many tweaks as we have 'http://' hardcoded all over. All such instances now use window.location.protocol + '//'.
CouchDB received a tweak to use the right scheme in couch_httpd:absolute_uri (it now gets it from the Mochireq and not mochiweb_socket_server).
git-svn-id: https://svn.apache.org/repos/asf/couchdb/trunk@979368 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'etc/couchdb')
-rw-r--r-- | etc/couchdb/default.ini.tpl.in | 3 | ||||
-rw-r--r-- | etc/couchdb/local.ini | 7 |
2 files changed, 10 insertions, 0 deletions
diff --git a/etc/couchdb/default.ini.tpl.in b/etc/couchdb/default.ini.tpl.in index 6b70777e..68350fc2 100644 --- a/etc/couchdb/default.ini.tpl.in +++ b/etc/couchdb/default.ini.tpl.in @@ -23,6 +23,9 @@ secure_rewrites = true vhost_global_handlers = _utils, _uuids, _session, _oauth, _users allow_jsonp = false +[ssl] +port = 6984 + [log] file = %localstatelogdir%/couch.log level = info diff --git a/etc/couchdb/local.ini b/etc/couchdb/local.ini index 1b31933c..458e1185 100644 --- a/etc/couchdb/local.ini +++ b/etc/couchdb/local.ini @@ -29,6 +29,13 @@ [log] ;level = debug +[daemons] +; enable SSL support by uncommenting the following line and supply the PEM's below. +; httpsd = {couch_httpd, start_link, [https]} + +[ssl] +;cert_file = /full/path/to/server_cert.pem +;key_file = /full/path/to/server_key.pem ; To enable Virtual Hosts in CouchDB, add a vhost = path directive. All requests to ; the Virual Host will be redirected to the path. In the example below all requests |