0

I want to connect my Predis Client (PHP Redis) with node.js via SSL. It already work just on TCP. So I extended my Predis configuration:

$redis = new Predis\Client(array(
     'timeout' => 5.0,
     'throw_errors' => true,
     'scheme' => 'ssl',
     'host' => REDIS_HOST, //6379
     'port' => REDIS_PORT,
     'ssl'    => ['local_cert' => APP.'libs/cert.pem'],
 ));

and I don't change Redis node.js configuration:

var redis = require('redis');

var rClient = redis.createClient();
rClient.subscribe('channel');

I got such errors when I try connect via SSL:

stream_socket_client(): SSL: crypto enabling timeout
stream_socket_client(): Failed to enable crypto
stream_socket_client(): unable to connect to ssl://111.111.111.111:6379 (Unknown error)

This connection work on such configuration (without SSL):

$redis = new Predis\Client(array(
         'timeout' => 5.0,
         'throw_errors' => true,
         'scheme' => 'tcp',
         'host' => REDIS_HOST, //6379
         'port' => REDIS_PORT,
));

I have tried with 'scheme' => sslv3 and tls - errors were identical. With 'scheme' => sslv2 - error was: stream_socket_client(): failed to create an SSL handle.

The question is: how to configure Predis and Redis on node.js to connecting via SSL?

PS. I use this version of Predis library: https://github.com/RedisLabs/predis and branch: ssl.

mscdex
  • 104,356
  • 15
  • 192
  • 153
MateuszBlaszczyk
  • 133
  • 1
  • 3
  • 10
  • Unsure what you mean by referring to Node.js at the end but in any case, is your Redis server SSL-enabled? – Itamar Haber Jan 17 '15 at 00:19
  • I didn't change SSL settings in Redis configuration. I read about SSL and stunnel, but it looks hard and I hope there is easier way to enable SSL connection. – MateuszBlaszczyk Jan 17 '15 at 15:11
  • To use SSL you'll need both an SSL-enabled Redis server and client. The Predis version you are using complies, but if you try connecting with it to your standard, non-SSL-enabled local Redis you're likely to fail. Note that SSL support is offered by only a couple of Redis-as-a-Service providers at the moment but that feature is expected to be integrated into core Redis so using it will become easier in the future. – Itamar Haber Jan 18 '15 at 13:18
  • So it is impossible to use SSL connection to Redis on my own server nowadays, isn't it? – MateuszBlaszczyk Jan 22 '15 at 18:40
  • 1
    Yes - unless you use a custom Redis server or set up stunnel in front of it, you can't. – Itamar Haber Jan 23 '15 at 12:31
  • It can be done now: 'scheme' => 'tls', 'ssl' => ['verify_peer' => false] – Rob Sedgwick Jul 17 '21 at 10:56

0 Answers0