redis_dashboard
redis_dashboard copied to clipboard
Unable to use with rediss urls and self-signed certificates
Right now the redis client will not work with rediss
urls if the redis server presents a self-signed certificate. This is the case for e.g. Heroku Redis. The following error is raised:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 peeraddr=x.x.x.x:20229 state=error: certificate verify failed (self signed certificate in certificate chain)
To enable this we can pass an additional parameter when calling Redis.new
e.g.
Redis.new(
url: ENV["REDIS_URL"],
ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
)
Would you accept a pull request to add a configuration option for this? Let me know if you have a preference as to what the configuration API should look like.
Yes, sure, you're welcome. I prefer to leave the responsibility of creating the connections if it cannot work with a simple URL. Thus it should work for any case in the futur (I hope :-)), instead of adding an argument options.
# config/initializers/redis_dashboard.rb
# You can create any connections with any options.
# You're not forced to have the same options for all connections.
Redis.connections = [
Redis.new(url: ENV["REDIS_URL1"], ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }),
Redis.new(url: ENV["REDIS_URL2"], reconnect_attempts: 10),
# ...
)
If no connections has been set, it should fallback to Redis.urls to not break compatibility.
This change means that RedisDashboard::Client.new
should accept both an URL and a connection.
It may break some views where the Redis URL is displayed. But I don't think it will be too hard to fix that.
Does it sounds good to you ?