connectionString with schema "couchbases://..." doesn't connect to TLS ports

Anthony_Le · March 12, 2021, 4:28am

Hi Everyone,

The java SDK client 3.1 doesn’t connect to TLS ports when my connection String is “couchbases://…”
I have to specify explicitly by setting java code: securityConfigBuilder.enableTls(true);
Please correct me if I’m wrong that the schema “couchbases://” in connection String denotes that the Java SDK client will connection TLS ports instead of plain TCP ports?
Because I noticed that it in your documentary .NET or C SDK, the prefix “couchbases://” denotes secure connections, but In Java SDK, it’s not mentioned

Thanks

david.nault · March 12, 2021, 5:27am

Hi Anthony,

With the Java SDK, if you create a custom ClusterEnvironment the connection string scheme and parameters are ignored. This is because it’s assumed you’re going to share the environment between multiple clusters, each of which might use a different connection string.

If the only thing you’re customizing is enabling TLS, it’s possible like this:

Cluster cluster = Cluster.connect(
    "couchbases://<hostname>?certpath=/path/to/trusted-cert.pem",
    "username", "password");

In terms of configuration, this is equivalent to:

ClusterEnvironment env = ClusterEnvironment.builder()
    .securityConfig(SecurityConfig
        .enableTls(true)
        .trustedCertificate(Paths.get("/path/to/trusted-cert.pem")))
    .build();
Cluster cluster = Cluster.connect("<hostname>", ClusterOptions
    .clusterOptions("username", "password")
        .environment(env));

If you’re not sharing the ClusterEnvironment between multiple clusters, you can still pick up the config from the connection string, but it’s a bit more work:

String connectionString = "couchbases://<hostname>?certpath=/path/to/trusted-cert.pem";
ClusterEnvironment.Builder envBuilder = ClusterEnvironment.builder();

// copy config from connection string to environment
new ConnectionStringPropertyLoader(connectionString).load(envBuilder);

// envBuilder now has TLS enabled and cert path configured.
// ... customize the environment further if you want.

Cluster cluster = Cluster.connect(connectionString, ClusterOptions
    .clusterOptions("username", "password")
        .environment(envBuilder.build()));

Thanks,
David

Topic		Replies	Views
SSL Connection with java client 3.5.0 Java SDK connections , security , java	10	1010	April 28, 2024
Java SDK connection with Certificate Authentication issue Java SDK connections , java	23	2861	August 4, 2022
Java SDK3.1 with TLS connection failing with AmbiguousTimeoutException Java SDK connections , java	10	2108	September 1, 2021
Cannot connect using JAVA SDK via SSL Java SDK connections	0	1229	July 11, 2018
Spring Boot application.propertics ? TLS? How connection to CouchBase Couchbase Server java	4	1017	April 21, 2024

connectionString with schema "couchbases://..." doesn't connect to TLS ports

Related topics