I need to get SSL communication working between my Sync Gateway instance and my Couchbase cluster. I have set up a certificate and I have my cluster listening on SSL on port 18091. I realize that this setup seems sort of trivial and maybe unnecessary, but I’m setting up a HIPAA compliant environment in AWS, and the terms of the AWS BAA dictate that all communication between AWS instances must be encrypted with SSL to be HIPAA compliant.
I’ve got the ‘databases’ section of my sync gateway config set up like this:
    "databases": {
        "sync_gateway": {
            "server": "https://10.0.18.10:18091",
            "bucket": "sandbox_sync_gateway"
        }
    }
However, when I start up the sync gateway, it just immediately attempts to connect on HTTP and port 8091. It never tries SSL port 18091. I get a lot of error messages like this (because I have port 8091 closed; 18091 is open):
I saw this issue on the sync gateway GitHub. I commented on it a couple of days ago. The gist of the issue is that the go-couchbase library didn’t support SSL connections as of February 2016.
However, it looks to me like SSL support was added to go-couchbase in this commit in March.
Can anyone comment on the status of SSL between SG and CB cluster as of Dec 2016? Does the sync gateway dependency on go-couchbase just need to be updated? Why was the status of that sync gateway issue changed to icebox a couple weeks ago?
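Added example, not part of the original post and not Couchbase code: a check that compares the `server` URLs in a Sync Gateway config with the host's TCP connection table, to catch the symptom described above (an `https` URL on 18091 is configured, yet connections go to 8091). The client address 10.0.18.20, the `ss -tn` sample and all function names are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Port pair named in the post: 8091 is plain HTTP, 18091 is the SSL listener.
PLAINTEXT_PORTS = {8091}
TLS_PORTS = {18091}

# Constructed sample: the post's "databases" section wrapped in braces.
SAMPLE_CONFIG = """{"databases": {"sync_gateway": {
    "server": "https://10.0.18.10:18091", "bucket": "sandbox_sync_gateway"}}}"""

# Constructed sample of `ss -tn` output taken on the Sync Gateway host.
SAMPLE_SS = """State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 10.0.18.20:40112 10.0.18.10:18091
SYN-SENT 0 1 10.0.18.20:40113 10.0.18.10:8091
ESTAB 0 0 10.0.18.20:22 10.0.1.5:50514
"""

def cluster_servers(config_text):
    """Map each configured database to (scheme, host, port) of its server URL."""
    out = {}
    for name, db in json.loads(config_text).get("databases", {}).items():
        url = urlsplit(db["server"])
        out[name] = (url.scheme, url.hostname, url.port)
    return out

def audit(config_text, ss_text):
    """Return non-TLS server URLs and sockets to a cluster node's plaintext port."""
    findings, hosts = [], set()
    for name, (scheme, host, port) in cluster_servers(config_text).items():
        hosts.add(host)
        if scheme != "https" or port not in TLS_PORTS:
            findings.append(("config", name, f"{scheme}://{host}:{port}"))
    for line in ss_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 5:
            continue
        peer_host, _, peer_port = fields[4].rpartition(":")
        if (peer_port.isdigit() and peer_host.strip("[]") in hosts
                and int(peer_port) in PLAINTEXT_PORTS):
            findings.append(("socket", fields[0], fields[4]))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG, SAMPLE_SS):
        print(finding)
```

A clean config with a `socket` finding is the mismatch the post reports: the URL says `https`, but the process still dials 8091.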