Configuration: Enabling SSL
SSL can only be enabled when RavenDB is running as a Windows Service. The certificate has to be installed in the local certificate repository [Certificates - Local Computer\Personal\Certificates] and include the private key (.pfx file), otherwise the following will not work.
By default, secure connectivity is disabled. To enable the SSL in RavenDB, you need to do the following:
- tell RavenDB to use the specified X509 certificate.
To tell RavenDB to use the specified X509 certificate, execute the following command on the command line:
To uninstall the certificate execute:
The Studio might not work in some browsers (e.g. Firefox and Chrome) if the domain that certificate was issued for does not match the domain you are using it for.
Ignoring SSL errors
In RavenDB, we have added an option to ignore all SSL certificate validation errors. By default,
Raven/IgnoreSslCertificateErrors configuration option is set to None, but it can be changed if needed.
We do not recommend setting
Raven/IgnoreSslCertificateErrors to All due to safety reasons. Enabling this option is done at your own risk.