For SSL Cert authentication from .Net Client code, we are unable to authenticate it. Below are the steps we followed
Step1:
• openssl genrsa -out certCA.key 2048
• openssl req -x509 -new -nodes -key certCA.key -sha256 -days 1024 -out certCA.pem
• cat certCA.pem chain.pem > couchcert.pem
• openssl pkcs12 -export -out couchcertificate.pfx -inkey certCA.key -in couchcert.pem
Imported the couchcertficate.pfx in mmc of the windows client machine and took the thumbprint value.
Step2:
.Net Client Code:
var config = new ClientConfiguration
{
Servers = new List {
new Uri(“http://couchbasebaseclusternode1”)
},
UseSsl = true,
EnableCertificateAuthentication = true,
DefaultConnectionLimit = 1000,
HttpsApiPort = 18091
};
var cluster = new Cluster(config);
try
{
var authenticator = new CertAuthenticator(
new CertificateStoreOptions
{
StoreLocation = StoreLocation.LocalMachine,
StoreName = StoreName.TrustedPeople,
X509FindType = X509FindType.FindByThumbprint,
FindValue = “Thumbprint Value of above installed couchcertificate.pfx certificate”
}
);
cluster.Authenticate(authenticator); //This doesn’t throw any exception however we find this error when looking at the quickwatch information of the cluser " cluster Cannot get Info if HttpProvider has not been initialized"
}
catch(Exception ex)
{
Console.WriteLine(ex.InnerException.InnerException.Message);
}
var bucket = cluster.OpenBucket(“bucketname”); //Errors out: “Authentication failed because the remote party has closed the transport stream.”
Any help on this would be much appreciated. Thanks in advance!