$ curl -v -X GET https://localhost:6984 * About to connect() to localhost port 6984 (#0) * Trying 127.0.0.1... connected * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * Unknown SSL protocol error in connection to localhost:6984 * Closing connection #0 curl: (35) Unknown SSL protocol error in connection to localhost:6984But I have done this several times before and it did work so I knew it should be a problem with certificates. How to debug what is going on? From erlang traces we could barely see any other clue than the fact there was a crash after loading the key so running a local server using the certificate and key should be the next step to later test if from that server (default port is 4433) we get a better curl reponse so:
$ openssl s_server -key couchdb.pem -cert couchdb.cert.pem -www Enter pass phrase for couchdb.sample.com.pemAnd that was the issue, the key needed a password. This can be either configured or removed from the key so it works without a password. No need to say which one is more secure.