New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ssl_params:
doesn't appear to support min_version
#159
Comments
The handling of redis-client/lib/redis_client/ruby_connection.rb Lines 14 to 38 in d1b9284
By that you mean |
Also What's the redis-server version? Older Redis would close the socket without shutting down the SSL session which would cause this issue (not saying it's your issue, but this may be hiding the real root cause) |
Hi @byroot we're connecting to AWS Elasticache, it's configured as Redis 7.0.7. This is interesting, I didn't realize the |
That very surprising. I'd recommend editing |
I got something crossed up, apologies for using your time here. |
Happens to the best of us 😄 |
While trying to programmatically enforce a minimum TLS version for our Sidekiq Redis connections, I ran into an issue that I think would need to be handled in redis-client.
If you pass a
min_version
parameter intossl_params
, an attempt to connect responds with an `unexpected eof while reading (Redis::CannotConnectError).Here's what my code I used to check against a TLS-supporting (v1.2 or 1.3) Redis instance looked like:
The exception looks like this:
Passing this parameter works successfully with redis-rb's SSL setup. It wasn't at all clear from the code where the SSL context is built and then later passed on to
OpenSSL::SSL::SSLSocket
why this wouldn't be working, but unless I'm missing something I think this prevents setting a minimum SSL/TLS version for connections.Thanks for all your work on the gem.
The text was updated successfully, but these errors were encountered: