CouchDB not working over https after certificate renewal

After I renewed my certificate I cant’t access couchdb through https. Nothing changed in the configuration file. Only the renewal was done. It works over port 5984 without https but not on 6984 with https

My domain is:

I ran this command: sudo certbot --config-dir /opt/couchdb/letsencrypt renew

My web server is (include version): Ubuntu 18.04

My hosting provider, if applicable, is: Digitalocean

Hi @neli95,

Welcome to the community forum!

I couldn’t find explicit documentation stating what to do when replacing a certificate in CouchDB, but have you tried issuing a SIGHUP or reloading the process assuming CouchDB has a reload function. If all of that fails, the CouchDB docs state that when configuring a TLS cert you should restart the process, but that can lead to a temporary outage every 90 days Worst case scenario you might want to look into fronting CouchDB with HAProxy or Nginx.

Is it absolutely critical for you to use a Let’s Encrypt cert for this service instead of something like or ?

Do your logs give any insight as to why the new cert hasn’t been picked up?

$ echo | openssl s_client -connect -servername 2>/dev/null
no peer certificate available
No client certificate CA names sent
SSL handshake has read 0 bytes and written 323 bytes
Verification: OK
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)

$ telnet 5984
Connected to
Escape character is '^]'.
telnet> \q
Connection closed.

$ telnet 6984
Connected to
Escape character is '^]'.
Connection closed by foreign host.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.