Closed ramonschriks closed 2 months ago
This is probably an issue with https://github.com/swift-server/RediStack - have you tried just using that directly to ensure that's the cause?
@0xTim Thanks for responding. I've tried that as well, but failed. Finding myself fighting this issue for over 10 hours straight now has driving me crazy.
Yet, i was able to find an (utmost simple) solution for this.
The problem was giving the masteraddress
as SocketAddress object to the Redis Configuration together with the SSLConfiguration.
return try Redis.RedisConfiguration(
serverAddresses: [masterAddress],
password: self.configuration.password,
tlsConfiguration: configuration
)
I changed it like so to make this work! As you can see below, im just providing the connection URL myself, by passing the correct protocol based on whether i have an TLS configuration or not.
let prot: String = self.configuration.tlsConfiguration != nil ? "rediss" : "redis"
return try Redis.RedisConfiguration(
url: "\(prot)://:\(self.configuration.password)@\(host):\(port)",
tlsConfiguration: self.configuration.tlsConfiguration,
pool: .init(
connectionRetryTimeout: .seconds(5)
)
)
Im not sure if this is an issue within this lib or within RediStack
, or if its even an issue? It seems to me that deriving the destination server details from the SocketAddress
together with an TLS configuration does not results in a rediss://
connection string?
For now my issue has been resolved, tho it might be confusing when passing the address as SocketAddress
.
Describe the issue
Unable to connect with Redis master using TLS configuration
Vapor version
4.102.0
Operating system and version
MacOS 14.5
Swift version
Swift 5.10
Steps to reproduce
My situation:
valkey
due to the closed sourcing of Redis)redis-cli
$ redis-cli -h valkey-master -p 6379 -a laSQL2019 --tls --cacert 'ca.crt' --cert 'client.crt' --key 'client.key'
Connection gets established correctly using
redis-cli
from host machine to Redis master.Now, on the same host machine im using the latest version of both
Vapor
andVapor/redis
to setup the redis configuration. Ive used many combinations trying to establish an connection:Ive tried many many different TLS configurations, but still i cannot connect. The connecties does gets logged on the Redis Master, but everytime this is the error:
I even tried adding the TLS version and cipher suite below, which does work when connecting using the Redis-cli, but not when configuring it in my Vapor app like so:
Maybe im doing something wrong on the Redis master regarding configuration, but then i wouldnt be able to connect using the
redis-cli
as well..In almost any example i can find only, the option
configuration.certificateVerification = .none
should work to ignore verification (client side), but i always get theSSL routines::wrong version number
error...For now i just disable TLS server side (which is definitely not ideal), so hopefully im doing something wrong rather than this is a real issue.
Outcome
With TLS enabled on the Redis master, i always get the above error
Server Side
when establishing a connection. Using theredis-cli
is does work with the same configuration (certs, TLS version and cipher suite)Additional notes
No response