googlecouchdb

Enable SSL on CouchDB

You can enable SSL on CouchDB using these steps:

  • Stop CouchDB.

      $ sudo /opt/bitnami/ctlscript.sh stop couchdb

  • Edit the /opt/bitnami/couchdb/etc/local.ini file and make sure the [ssl] section includes at least the following lines uncommented:

      [ssl]
  port = 6984
  enable = true
  cert_file = /opt/bitnami/couchdb/etc/server.crt
  key_file = /opt/bitnami/couchdb/etc/server.key

    The certificates Bitnami includes are self-signed so you might get a warning when trying to access your site. To avoid this warning, you should get new certificates signed by a Certificate Authority, and uncomment the following line:

      ;cacert_file = /full/path/to/cacertf

  • Finally, start your CouchDB server again and you will be able to access CouchDB over SSL at the selected port eg. at https://SERVER-IP:6984/.

      $ sudo /opt/bitnami/ctlscript.sh restart couchdb

  • (Optional) Open the CouchDB HTTPS port in the server firewall for remote access. For more information, refer to the FAQ.

    NOTE: Remember to change the bind_address from 127.0.0.1 to 0.0.0.0 if you want to connect to CouchDB from a different machine. Refer to these instructions for more information.

Last modification December 21, 2022