0

I'm trying to connect to sentinel using spring-boot-data-redis:2.2.4.RELEASE.

There are many configuration examples about sentinel, but not over ssl. I can connect to sentinel if I'm not using ssl configuration for now.

Here's my lettuce configuration code.

@Bean
public LettuceConnectionFactory redisConnectionFactory(
    RedisConfiguration redisConfiguration,
    @Value("${services.redis.tls:true}") boolean useTls,
    @Value("${services.redis.tls-path}") String certFilePath) {
    
    //some timeout configurations here
    //...

    ClientOptions.Builder clientOptionsBuilder =
        ClientOptions.builder().timeoutOptions(timeoutOptions);

    if (redisConfiguration instanceof RedisSentinelConfiguration) {
        SslOptions sslOptions = SslOptions.builder().truststore(new File(certFilePath)).build();
        clientOptionsBuilder = clientOptionsBuilder.sslOptions(sslOptions);
    }

    LettuceClientConfiguration.LettuceClientConfigurationBuilder configurationBuilder =
        LettuceClientConfiguration.builder();

    if (useTls) {
        configurationBuilder = configurationBuilder.useSsl().and();
    }

    LettuceClientConfiguration clientConfiguration =
        configurationBuilder.clientOptions(clientOptionsBuilder.build()).build();

    return new LettuceConnectionFactory(redisConfiguration, clientConfiguration);
}

If I use this configuration, then it occurs SSLHandshakeException (etc. handshake_failure).

Is there any edition is needed? I'm using .jks for certFilePath.

Junyoung Oh
  • 96
  • 6
  • Not sure if it helps, but here's the commit where ssl support in sentinel mode was added to lettuce-core. https://github.com/lettuce-io/lettuce-core/commit/0b6d6d84f15a6bbc37b193129fd5901e62effe8f It also has some tests, showing the configuration it it. – Eugene Botyanovsky May 04 '21 at 02:56
  • @EugeneBotyanovsky Thanks for replying me. I'll take a look. – Junyoung Oh May 04 '21 at 03:01

0 Answers0