Unable to connect CouchDB using python-cloudant when TLS is enabled #5124

suman2007 · 2024-07-10T09:54:46Z

suman2007
Jul 10, 2024

I am using self-signed certificate in CouchDb. Normal when I am trying to connect with request or server = couchdb.Server(url) it's getting connected by disabling server.resource.session.disable_ssl_verification().
But while I am using cloudant client = CouchDB(USERNAME, PASSWORD, url=URL, connect=True, auto_renew=True, verify=False) it's throwing error requests.exceptions.SSLError: HTTPSConnectionPool(host='127.0.0.1', port=6984): Max retries exceeded with url: /_session (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))

Code

from cloudant import CouchDB
import requests

# Disable SSL warnings
requests.packages.urllib3.disable_warnings(requests.packages.urllib3.exceptions.InsecureRequestWarning)

# Replace these variables with your actual credentials
USERNAME = 'admin'
PASSWORD = 'admin'
URL = 'https://127.0.0.1:6984'  # Use HTTPS and the correct port
CA_PATH = '/cert/server-cert.pem'

# Initialize the CouchDB client with HTTPS and disable SSL verification
client = CouchDB(USERNAME, PASSWORD, url=URL, connect=True, auto_renew=True, verify=False)


# Access a database
db_name = 'your-database'
if db_name in client:
    db = client[db_name]
else:
    db = client.create_database(db_name)

# Perform operations on the database
# For example, to create a document
data = {
    'type': 'example',
    'name': 'sample document'
}
doc = db.create_document(data)

if doc.exists():
    print(f'Document {doc["_id"]} created successfully.')

# Don't forget to close the connection when done
client.disconnect()

System RHEL 8.8
Python 3.6.8
couchdb-3.3.3.2-1.el8.x86_64
cloudant 2.15.0

Any cone could help.

rnewson · 2024-07-10T10:39:27Z

rnewson
Jul 10, 2024
Collaborator

This sounds like an issue with python-cloudant not CouchDB.

You should not disable TLS certification verification, this removes much of the security benefit of TLS. Instead you should make a private CA and add its certificate to your clients trusted certificate bundle.

2 replies

suman2007 Jul 11, 2024
Author

Thanks @rnewson
Yes, I also tested without Cloudant and works properly but through Cloudant it's falling.

rnewson Jul 11, 2024
Collaborator

This doesn't seem to be an error in CouchDB, but possibly an issue with python-cloudant. That software is managed by a different organisation so you will need to open an issue with them.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Unable to connect CouchDB using python-cloudant when TLS is enabled #5124

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{editor}}'s edit

{{editor}}'s edit

Uh oh!

Replies: 1 comment 2 replies

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Uh oh!

{{title}}

Uh oh!

Select a reply

Uh oh!

Unable to connect CouchDB using python-cloudant when TLS is enabled #5124

Uh oh!

Uh oh!

suman2007 Jul 10, 2024

Replies: 1 comment · 2 replies

Uh oh!

rnewson Jul 10, 2024 Collaborator

Uh oh!

suman2007 Jul 11, 2024 Author

Uh oh!

rnewson Jul 11, 2024 Collaborator

suman2007
Jul 10, 2024

Replies: 1 comment 2 replies

rnewson
Jul 10, 2024
Collaborator

suman2007 Jul 11, 2024
Author

rnewson Jul 11, 2024
Collaborator