diff options
| -rwxr-xr-x | configure | 2 | ||||
| -rw-r--r-- | rel/overlay/etc/default.ini | 23 |
2 files changed, 25 insertions, 0 deletions
@@ -62,6 +62,7 @@ cat > rel/bigcouch.config << EOF {user, "$BIGCOUCH_USER"}. {node_name, "-name bigcouch"}. {cluster_port, 5984}. +{cluster_ssl, 6984}. {backend_port, 5986}. EOF @@ -81,6 +82,7 @@ cat > rel/dev$i.config << EOF {view_dir, "$DIRPATH/rel/tmpdata/dev$i"}. {node_name, "-name dev$i@127.0.0.1"}. {cluster_port, `expr 10000 \* $i + 5984`}. +{cluster_ssl, `expr 10000 \* $i + 6984`}. {backend_port, `expr 10000 \* $i + 5986`}. EOF done diff --git a/rel/overlay/etc/default.ini b/rel/overlay/etc/default.ini index 81c363da..cb032152 100644 --- a/rel/overlay/etc/default.ini +++ b/rel/overlay/etc/default.ini @@ -17,6 +17,27 @@ port = {{cluster_port}} backlog = 512 docroot = {{prefix}}/share/www +[chttps] +port = {{cluster_ssl}} + +; cert_file = /full/path/to/server_cert.pem +; key_file = /full/path/to/server_key.pem +; password = somepassword +; also remember to enable the chttps daemon in [daemons] section. + +; set to true to validate peer certificates +verify_ssl_certificates = false + +; Path to file containing PEM encoded CA certificates (trusted +; certificates used for verifying a peer certificate). May be omitted if +; you do not want to verify the peer. +;cacert_file = /full/path/to/cacertf + +; The verification fun (optional) if not specified, the default +; verification fun will be used. +;verify_fun = {Module, VerifyFun} +ssl_certificate_max_depth = 1 + [httpd] port = {{backend_port}} bind_address = 127.0.0.1 @@ -65,6 +86,8 @@ auth_cache={couch_auth_cache, start_link, []} replication_manager={couch_replication_manager, start_link, []} vhosts={couch_httpd_vhost, start_link, []} os_daemons={couch_os_daemons, start_link, []} +; Uncomment next line to enable SSL daemon +; chttpsd = {chttpd, start_link, [https]} [httpd_global_handlers] / = {couch_httpd_misc_handlers, handle_welcome_req, <<"Welcome">>} |