ok i followed the instructions at https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=48203146 and after restarting the couchdb service, with a self-signed key, iḿ now stuck at ERR_ADDRESS_UNREACHABLE which is really puzzling to me.
i'll try the good old reboot just to be sure, and then, stomach permitting, i'll use the CA Signed Cert path it also offers. god how i hate https ;) output of following those instructions is : root@albatross:/opt/couchdb/etc/https# ls nicer.app--generated-csr.txt nicer.app--generated-private-key.txt root@albatross:/opt/couchdb/etc/https# openssl OpenSSL> ^C root@albatross:/opt/couchdb/etc/https# openssl genrsa -out server.key 2048 Generating RSA private key, 2048 bit long modulus (2 primes) ....+++++ ..+++++ e is 65537 (0x010001) root@albatross:/opt/couchdb/etc/https# ls nicer.app--generated-csr.txt nicer.app--generated-private-key.txt server.key root@albatross:/opt/couchdb/etc/https# openssl -req -new -key server.key -out server.csr Invalid command '-req'; type "help" for a list. root@albatross:/opt/couchdb/etc/https# openssl req -new -key server.key -out server.csr Can't load /root/.rnd into RNG 139976184963520:error:2406F079:random number generator:RAND_load_file:Cannot open file:../crypto/rand/randfile.c:88:Filename=/root/.rnd You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]:NL State or Province Name (full name) [Some-State]:Noord-Holland Locality Name (eg, city) []:Amsterdam Organization Name (eg, company) [Internet Widgits Pty Ltd]:NicerApp Organizational Unit Name (eg, section) []:. Common Name (e.g. server FQDN or YOUR name) []:nicer.app Email Address []:[email protected] Please enter the following 'extra' attributes to be sent with your certificate request A challenge password []:{NOTINCLUDED}- An optional company name []:. root@albatross:/opt/couchdb/etc/https# openssl x509 -req -sha256 -days 1095 -in server.csr -signkey server.key -out server.crt Signature ok subject=C = NL, ST = Noord-Holland, L = Amsterdam, O = NicerApp, CN = nicer.app, emailAddress = [email protected] Getting Private key root@albatross:/opt/couchdb/etc/https# cd .. root@albatross:/opt/couchdb/etc# gedit local.ini ^C root@albatross:/opt/couchdb/etc# vi local.ini root@albatross:/opt/couchdb/etc# service couchdb restart On Mon, Aug 12, 2019 at 8:06 AM Rene Veerman <[email protected]> wrote: > i added the DNS records over a week ago, and got regular traffic to apache > at the default https port to work. > it's just couchdb that i can't use when using that domain name. > > and no, this server is hosted at my home behind a ADSL line, godaddy as > registrar and afraid.org as DNS provider. > > On Mon, Aug 12, 2019 at 8:04 AM Jonathan Aquilina <[email protected]> > wrote: > >> Https is enforced on your server is this server in google cloud? >> >> Regards, >> Jonathan Aquilina >> Owner managing director >> >> Phone (356) 20330099 >> Mobile (356) 78857942 >> >> Email [email protected] >> ________________________________ >> From: Rene Veerman <[email protected]> >> Sent: Monday, August 12, 2019 8:02:52 AM >> To: [email protected] <[email protected]> >> Subject: Re: running couchdb on a .app domain (https enforced) >> >> doesn't a host file just translate names to IP addresses, without >> specifying anything about ports? >> i've never read or heard about a hosts file or a DNS setup for that >> matter, >> specifying anything about ports. >> >> i think it has something to do with the fact that on .app, https is >> enforced by the TLD registrar (which is google). >> but i have no clue on how to fix it. >> >> could it be that couchdb itself needs a HTTPS certificate specified? >> i did some googling, and found >> https://cwiki.apache.org/confluence/pages/viewpage.action?pageId=48203146 >> , >> which i'll try to implement in a little while, at the moment my stomach is >> killing me if i sit at the desk, for some reason.. >> >> >> >> On Mon, Aug 12, 2019 at 7:56 AM Per Torstensson < >> [email protected]> >> wrote: >> >> > If you are running the server from the same network as your client, >> could >> > it be that you need to add manual entries in your host file? >> > >> > -Per >> > >> > > 12 aug. 2019 kl. 07:49 skrev Rene Veerman <[email protected]>: >> > > >> > > root@albatross:/home/rene/data1/htdocs/nicer.app# tail >> > > /var/log/couchdb/couchdb.log >> > > [notice] 2019-08-12T03:46:47.333273Z [email protected] <0.28155.22> >> > > 90ff2d612e nicer.app 211.249.40.12 undefined GET /_utilsit 401 ok 0 >> > > [notice] 2019-08-12T04:06:30.916355Z [email protected] <0.15768.23> >> > > 1b0a651329 nicer.app 211.249.40.12 undefined GET /_utils 301 ok 0 >> > > [notice] 2019-08-12T04:07:28.715744Z [email protected] <0.16715.23> >> > > a02251ebab nicer.app:5984 23.226.211.152 undefined GET /_utils 301 ok >> 0 >> > > [notice] 2019-08-12T04:07:28.988497Z [email protected] <0.16715.23> >> > > 9762923dd4 nicer.app:5984 23.226.211.152 undefined GET /_utils/ 200 >> ok 1 >> > > [notice] 2019-08-12T04:07:30.186957Z [email protected] <0.16726.23> >> > > 35abe0105d nicer.app:5984 23.239.180.202 undefined GET >> > > /_utils/dashboard.assets/img/couchdb-logo.png 200 ok 1 >> > > >> > > it seems others can connect to my couchdb, but i can't.... ?!#!@@$!@ >> ;) >> > > >> > > and even when browsing to http://nicer.app:5984/_utils from the >> machine >> > it >> > > runs on, i get stuck at 'establishing secure connection'. >> > > >> > > On Mon, Aug 12, 2019 at 6:07 AM Jonathan Aquilina < >> > [email protected]> >> > > wrote: >> > > >> > >> Check the server itself the domain has nothing to do with it is there >> > >> anything useful maybe in the logs? >> > >> >> > >> >> > >> >> > >> -----Original Message----- >> > >> From: Rene Veerman <[email protected]> >> > >> Sent: Monday, 12 August 2019 06:06 >> > >> To: [email protected] >> > >> Subject: Re: running couchdb on a .app domain (https enforced) >> > >> >> > >> if i browse to https://nicer.app:5984/_utils, it's stuck at >> > 'Establishing >> > >> secure connection', then fails with 'server took too long to >> respond'. >> > :( >> > >> >> > >> On Mon, Aug 12, 2019 at 6:03 AM Jonathan Aquilina < >> > [email protected] >> > >>> >> > >> wrote: >> > >> >> > >>> That is correct usually DNS just points a domain or subdomain to the >> > >>> server then you can use any port you want for example >> > >>> >> > >>> https://DOMAIN:PORT/_utils for example if you want to access >> fauxton >> > >>> >> > >>> Regards, >> > >>> Jonathan >> > >>> >> > >>> -----Original Message----- >> > >>> From: Rene Veerman <[email protected]> >> > >>> Sent: Monday, 12 August 2019 05:46 >> > >>> To: [email protected] >> > >>> Subject: Re: running couchdb on a .app domain (https enforced) >> > >>> >> > >>> as far as i know, DNS only connects a domain name to an ip address, >> > >>> not to any specific port. >> > >>> there's certainly no option at afraid.org to set it. >> > >>> >> > >>> On Sun, Aug 11, 2019 at 9:20 PM Peter J Krawetzky >> > >>> <[email protected]> >> > >>> wrote: >> > >>> >> > >>>> So it seems you are using freedns. Couldn't you just create a new >> > >>>> entry like couchdb.nicer.app and point it to the couchdb server and >> > >>>> port?PeterSent from my Verizon, Samsung Galaxy smartphone >> > >>>> -------- Original message --------From: Rene Veerman < >> > >>>> [email protected]> Date: 8/11/19 11:58 (GMT-05:00) To: >> > >>>> [email protected] Subject: Re: running couchdb on a .app >> > >>>> domain (https enforced) i don't know much about DNS, other than how >> > >>>> to set it from my domainregistrar to a DNS provider (i use >> > >>>> afraid.org), and have the followingrecords there :11 >> > >>>> subdomainsnicer.app [ add ]< >> > >>>> >> https://freedns.afraid.org/subdomain/edit.php?edit_domain_id=1290281 >> > >>>>> irc.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643169> >> > >>>> (*G*) *NotYet Configured.*nicer.app < >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643167> >> > >>>> (*G*) A 82.161.37.94nicer.app < >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643168> >> > >>>> (*G*) MX 10:seductiveapps.comftp.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643166> >> > >>>> (*G*) A82.161.37.94imap.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643171> >> > >>>> (*G*) A82.161.37.94lib.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643174> >> > >>>> (*G*) A82.161.37.94mail.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643165> >> > >>>> (*G*) A82.161.37.94media.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643173> >> > >>>> (*G*) A82.161.37.94smtp.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643170> >> > >>>> (*G*) A82.161.37.94tnp.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643172> >> > >>>> (*G*) A82.161.37.94www.nicer.app< >> > >>>> https://freedns.afraid.org/subdomain/edit.php?data_id=18643164> >> > >>>> (*G*) A82.161.37.94traffic to regular apache at the https port does >> > >>>> work by the way.i'd love to hear more about what to adjust in what >> > >>>> file.coz now i'm still stuck :(On Sun, Aug 11, 2019 at 5:52 PM >> Peter >> > >>>> J Krawetzky < [email protected]>wrote:> You either need a DNS >> > >>>> definition on your network or an entry in the local> host's file on >> > >>>> the couch server PeterSent from my Verizon, Samsung Galaxy> >> > >>>> smartphone> -------- Original message >> > >>>> --------From: Rene Veerman <> [email protected]> Date: >> 8/11/19 >> > >>>> 11:35 (GMT-05:00) To:> [email protected] Subject: running >> > >>>> couchdb on a .app domain (https> enforced) i can connect to >> > >>>> localhost:5984/_utils, but not to> nicer.app:5984/_utilsit's the >> > >>>> same machine.how do i get couchdb to work on> a .app domain and be >> > >>>> addressable by that.app domain name?thanks in advance> for any help >> > >>>> you >> > >>> can provide. >> > >>> >> > >> >> > >> >
