UnknownHostException when connecting app with Capella using Spring Data Couchbase

We are using spring-data-couchbase framework for integration of our application with Couchbase Capella and getting the following error from the log while starting the application:

[com.couchbase.endpoint][EndpointConnectionFailedEvent][1024us] Connect attempt 4 failed because of UnknownHostException: [cb.gqfypprux6vrjwqm.cloud.couchbase.com](http://cb.gqfypprux6vrjwqm.cloud.couchbase.com){"circuitBreaker":"DISABLED","coreId":"0xf3f7b83e00000001","remote":"[cb.gqfypprux6vrjwqm.cloud.couchbase.com:8091](http://cb.gqfypprux6vrjwqm.cloud.couchbase.com:8091)","type":"MANAGER"}

The connection url is obtained from the Capella web console and the IP is already added in the “Allowed IP list”.

It will be great if you could help us for quick resolution of the issue.

1 Like

Hi Kervi,

UnknownHostException is a symptom of attempting to connect to Capella without using TLS. We’re working on throwing a better exception that actually indicates what the problem is – tracking as JCBC-1928.

This StackOverflow post describes how to enable TLS with Spring Data Couchbase. Does that help?

Thanks,
David

Answer from Michael Reiche (Couchbase SDK Team):

The configureEnvironment() method in the configuration class needs to be overridden and enable TLS and specify the trustcertificate.

@Override
protected void configureEnvironment(final ClusterEnvironment.Builder builder) {
 builder.securityConfig().enableTls(true).trustCertificate(Paths.get("/tmp/capella.pem"));
}

Otherwise what happens is that spring data uses a default environment - which has enableTls=false and no trustCertificate.

I understand there there could be an expectation that specifying a connnection string with the certpath.

couchbases://cb.gqfypprux6vrjwqm.cloud.couchbase.com?certpath=/tmp/capella.pem

While that will work if no environment is set on the clusterOptions, spring-data-couchbase provides a default environment, thus the solution to set enableTls and trustCertificate on that environment.

When I test this in my environment, it times out accessing the KV SSL port - which is expected:

2022-03-15 11:45:40,084 WARN com.couchbase.endpoint: 567 - [com.couchbase.endpoint][EndpointConnectionFailedEvent][10s] Connect attempt 1 failed because of TimeoutException: Did not observe any item or terminal signal within 10000ms in ‘source(MonoDefer)’ (and no fallback has been configured) {“circuitBreaker”:“DISABLED”,“coreId”:“0x2ccea4b800000003”,“remote”:“lkvya1cmvtjajvj3.gqfypprux6vrjwqm.cloud.couchbase.com:11207”,“type”:“KV”}

1 Like

Thanks David for sharing the link!