i am running below command line to know whether the cluster is ssl enabled or not
/opt/couchbase/bin/couchbase-cli ssl-manage -c xxx.xxx.xxx.xxx --username admin --password admin --node-cert-info
The output of this has only WARNING to let us know whether it is ssl enabled or not.
Is there any other way to know whether the cluster is ssl enabled or not via command line?
Hi @Jayesh - apologies but I don’t quite understand…are you saying that the ssl-manage command doesn’t tell you whether it is enabled or not? Have you tried the ‘–cluster-cert-info’ option instead? ssl-manage | Couchbase Docs
That command will also give warning if the cluster is not ssl enabled. i wanted to know that irrespective of port can we know when to use https or http and also the --cacert option in the command
Hi @Jayesh, SSL/TLS is always “enabled” for Couchbase and encrypted vs non-encrypted traffic is always handled by separate ports. i.e. you can’t communicate using https on port 8091, and you can’t communicate using http on port 18091.
By default, both TLS and non-TLS ports are active and will accept traffic. Further configuration can be done to configure TLS (i.e. the certificates, acceptable ciphers, etc) and also to disable non-TLS (either to the WebUI only or for all traffic): Manage On-the-Wire Security | Couchbase Docs
I hope that helps clarify for you, please post any specific commands and output that you would like further clarification on.
Thank you @perry for the help