Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL connection failed to Redis Cloud #216

Closed
shivalikac opened this issue Apr 25, 2021 · 6 comments
Closed

SSL connection failed to Redis Cloud #216

shivalikac opened this issue Apr 25, 2021 · 6 comments

Comments

@shivalikac
Copy link

shivalikac commented Apr 25, 2021
edited
Loading

Hi
I am trying to connect to redis cloud from my application.
My connection looks like this:

ConnectionOptions opts;
opts.tls.enabled = true;
opts.host = "redis-13217.c251.east-us-mz.azure.cloud.redislabs.com";
opts.port = 13217;
opts.password = "******";
opts.tls.cacertdir = "/home/chaudharylin/sslRedis/stores";

auto redis = Redis(opts);

When I run the application, I get the error:

terminate called after throwing an instance of 'sw::redis::IoError'
what(): Failed to initialize TLS connection: SSL_connect failed: wrong version number

I am new to the concept of TLS/SSL. I am not able to understand what is going wrong.

Any help would be appreciated!
Thanks in advance!
@sewenew
Copy link
Owner

sewenew commented Apr 28, 2021

@shivalikac I did some research, but I cannot reproduce the problem with Redis. Can you use the official client, i.e. redis-cli, to connect to your server? If you cannot connect to it, you'd better ask help from redislabs. There might be some problem with Redis configuration.

Sorry for the late reply...

Regards

@shivalikac
Copy link
Author

@sewenew I am able to connect to the server with redis-cli as:
redis-cli -h redis-13217.c251.east-us-mz.azure.cloud.redislabs.com -p 13217 -a ****** --cacertdir /home/chaudharylin/sslRedis/stores

But when I try to connect with my application as:

opts.tls.enabled = true;
opts.host = "redis-13217.c251.east-us-mz.azure.cloud.redislabs.com";
opts.port = 13217;
opts.password = "*******";
opts.tls.cacertdir = "/home/chaudharylin/sslRedis/stores";

I get the same failed to initialize, wrong version number error....
Is there something wrong with my connection options?

@sewenew
Copy link
Owner

sewenew commented Apr 29, 2021

How do you configured your redis-server's TLS related options? For example, what's the configuration of the following options:

# tls-cert-file redis.crt
# tls-key-file redis.key

# Configure a CA certificate(s) bundle or directory to authenticate TLS/SSL
# clients and peers.  Redis requires an explicit configuration of at least one
# of these, and will not implicitly use the system wide configuration.
#
# tls-ca-cert-file ca.crt
# tls-ca-cert-dir /etc/ssl/certs

From the redis-cli command you given, it seems that you only configured tls-ca-cert-dir, and others are not set. However, I cannot start the server if only tls-ca-cert-dir is specified.

Regards

@sewenew
Copy link
Owner

sewenew commented May 9, 2021

@shivalikac Since there's no update from you, I'll close this issue. If you still have problem, feel free to reopen it.

Regards

@sewenew sewenew closed this as completed May 9, 2021
@shivalikac
Copy link
Author

Hi, so sorry for the delayed response. I want to connect to the cloud broke, Created on Redis Cloud page.

@sewenew
Copy link
Owner

sewenew commented May 20, 2021

Sorry but I'm not familiar with Redis Cloud. If you know how the redis instance is configured, I can give more help.

Also it seems that this might be the same issue as #183 . So far, hiredis doesn't support skipping certificate verification, and redis-plus-plus cannot support it either.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@sewenew @shivalikac