lua-resty-redis icon indicating copy to clipboard operation
lua-resty-redis copied to clipboard

Published 20 hours ago verified publisher icon openresty

Unable to connect to redis instance AWS elastic cache - In-Transit Encryption (TLS) enabled

Open ravikiransharvirala opened this issue 5 years ago • 8 comments
trafficstars 

function M.connect_to_redis ()
local redis = require "resty.redis"
local red = redis:new()
red:set_timeout(10000)  
local vcap_services = cjson.decode(os.getenv("ENV"))  
local redis_service_name = os.getenv("REDIS")
local redis_credentials = vcap_services[redis_service_name][1].credentials;
local redis_host = redis_credentials.host
local redis_port = redis_credentials.port
local redis_password = redis_credentials.password  
local ok, err = red:connect(redis_host, redis_port)  
local res, err = red:auth(redis_password)
return red
end

I tried enable ssl=true by passing it as params

local options = {
    ssl = true
}

local ok, err = red:connect(redis_host, redis_port, options)  

ravikiransharvirala avatar Aug 24 '20 17:08 ravikiransharvirala

And what error do you get ?

toredash avatar Aug 25 '20 06:08 toredash

were you able to solve this ?

pratikthakkar avatar May 19 '21 09:05 pratikthakkar

did you try to add ssl_verify = true in your options ? ( or maybe to false )

x-077 avatar Jul 06 '21 20:07 x-077

Using the following with AWS elastic cache + in-transit encryption enabled.

All works after adding the ssl = true.

function RedisCache.connect()
    -- RedisCache credentials
    local redis_host = ngx.var.redis_host or "127.0.0.1"
    local redis_port = ngx.var.redis_port or 6379
    local redis_pass = ngx.var.redis_pass
    local redis_ssl = ngx.var.redis_ssl or false
    local resty = require "resty.redis"
    local redis = resty:new()

    -- Connect to redis
    local connected, err = redis:connect(redis_host, redis_port, {
        ssl = redis_ssl
    })
    if not connected then
        ngx.log(ngx.ERR, "could not connect to redis @" .. redis_host .. ": " .. err)
        return
    end

    if redis_pass then
        local authed, err = red:auth(redis_pass)
        if not authed then
            ngx.say("failed to authenticate: ", err)
            return
        end
    end

    return redis
end

OmgImAlexis avatar Jun 09 '22 23:06 OmgImAlexis

Using the following with AWS elastic cache + in-transit encryption enabled.

All works after adding the ssl = true.

function RedisCache.connect()
    -- RedisCache credentials
    local redis_host = ngx.var.redis_host or "127.0.0.1"
    local redis_port = ngx.var.redis_port or 6379
    local redis_pass = ngx.var.redis_pass
    local redis_ssl = ngx.var.redis_ssl or false
    local resty = require "resty.redis"
    local redis = resty:new()

    -- Connect to redis
    local connected, err = redis:connect(redis_host, redis_port, {
        ssl = redis_ssl
    })
    if not connected then
        ngx.log(ngx.ERR, "could not connect to redis @" .. redis_host .. ": " .. err)
        return
    end

    if redis_pass then
        local authed, err = red:auth(redis_pass)
        if not authed then
            ngx.say("failed to authenticate: ", err)
            return
        end
    end

    return redis
end

I also couldn't connect AWS elasticache even I set ssl option to true in connect function. It always fails when invoking auth(passwd), saying "failed to authenticate, timeout".

chenweiqiang7777 avatar Nov 18 '22 08:11 chenweiqiang7777