TIBCOSoftware / be-contribution

This repository is for various contributions across different modules within TIBCO BusinessEvents. It will include contributions by the TIBCO BusinessEvents team as well as external users/customers/field teams.
BSD 3-Clause "New" or "Revised" License

BE cannot use one-way SSL with Redis Store. #14

Open tsaxena18 opened 3 years ago

tsaxena18 commented 3 years ago

Version Information

Software Version(s)
BusinessEvents 6.1.0
OS Type? Linux

What is the expected behavior?

The Redis server should be configurable with one-way SSL.

What is the actual behavior?

It is not working as per steps mentioned in Redis documentation (https://redis.io/topics/encryption). It seems that currently BE can only use two-way SSL with Redis.

Please provide a unit test that demonstrates the bug.

  1. Start Redis server with SSL certificates and pass parameter 'tls-auth-clients no' in the command as shown below:

     redis-server --tls-port 6379 --port 0 --tls-cert-file ./tests/tls/redis.crt --tls-key-file ./tests/tls/redis.key --tls-ca-cert-file ./tests/tls/ca.crt --loadmodule redisearch.so

  2. Start redis-cli with wrong cert or key ---> The cert/key should be ignored and connection should be fine, but here redis-cli fails to connect as shown below:

     redis-cli --tls --cert ./tests/tls/redis2.crt --key ./tests/tls/redis.key --cacert ./tests/tls/ca.crt
     Could not negotiate a TLS connection: Invalid client certificate

Other notes on how to reproduce the issue?

https://github.com/redis/redis/issues/7437

Refer to this for more info ---> https://github.com/bitnami/bitnami-docker-redis-cluster/issues/5

kagrawal-tibco commented 3 years ago

Redis currently doesn't support one-way SSL/TLS in its stable build/current version. We can include it when it is available in the stable build.

vpatil-tibco commented 3 years ago

@kagrawal-tibco Provide a reference link to the issue which outlines this instability around Redis 1-way SSL.

kagrawal-tibco commented 3 years ago

Reference: Redis currently does not support one-way SSL, as it does not ignore the client certificate if 'tls-auth-clients no' is set.

https://github.com/redis/redis/issues/7437

https://github.com/redis/redis/pull/7457 : Suggested solution is in redis:unstable
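
A client-side check for the behaviour discussed in this thread, as an added example that is not part of the issue and is not BusinessEvents or Redis code: it connects over TLS without presenting a client certificate, sends PING, and reports whether the server accepted the one-way connection. The function names, verdict strings and localhost target are assumptions; the port and CA path are taken from the commands in the report, and the server certificate is assumed to match the host name.

```python
import socket
import ssl


def one_way_context(cafile=None):
    """Client context for one-way TLS: verify the server, present no client cert."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cafile)
    # No ctx.load_cert_chain() call: the client sends no certificate of its own.
    return ctx


def encode_command(*parts):
    """Encode a Redis command as a RESP array of bulk strings."""
    out = [b"*%d\r\n" % len(parts)]
    for part in parts:
        data = part if isinstance(part, bytes) else str(part).encode()
        out.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(out)


def interpret_reply(reply):
    """Map the first bytes read after the handshake to a verdict."""
    if reply.startswith(b"+PONG"):
        return "one-way-ok"
    if reply.startswith((b"-NOAUTH", b"-ERR")):
        # TLS was accepted without a client cert; Redis-level AUTH is a separate layer.
        return "one-way-ok-auth-needed"
    if not reply:
        # With TLS 1.3 a server that demands a client cert may only drop the
        # connection after the client side of the handshake has finished.
        return "closed-by-server"
    return "unexpected-reply"


def probe(host, port, cafile, timeout=5.0):
    """Send PING over TLS without a client certificate and report what happened."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with one_way_context(cafile).wrap_socket(raw, server_hostname=host) as tls:
                tls.sendall(encode_command("PING"))
                return interpret_reply(tls.recv(64))
    except ssl.SSLError as exc:
        return "tls-error: %s" % (exc.reason or exc)
    except OSError as exc:
        return "connect-error: %s" % exc


if __name__ == "__main__":
    # Constructed values: local server on the port and CA path used in the report above.
    print(probe("localhost", 6379, "./tests/tls/ca.crt"))
```

A "closed-by-server" or "tls-error" verdict from a server started with 'tls-auth-clients no' means the TLS layer is still demanding a client certificate, independent of any Redis password.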