SSL and Sentinels?

[Kevin Burton]

I understand that Redis doesn't support SSL and I must use something like 'stunnel' to either act as a client to connect to a cloud instance that listens on an SSL port or act as a server where clients see and connect to an SSL port and that information/connection is forwarded on to the Redis server. What I don;t understand is what happens in a failover situation. If the client is connected to a group of sentinels and they all agree that the master is at address A and port P won't that be a non-SSL address and port? Is the only way to adopt some kind of convention that when the sentinels report address A and port P it actually means address As and port Ps where As and Ps are SSL ports?

[Mark L]

That sounds like the problem I'm running into right now.  I would like redis to replicate over stunnel connections.  

When I configure slaves to talk to my master over it's stunnel interface it works, but as soon as failover occurs, config is rewritten on the saves with the non-ssl IP and port of the new master.

Is there something similar 'sentinel announce-port' and 'sentinel announce-ip' for redis.conf

[Vaishalee A]

Any update on this? I am also facing same problem.

Thanks

Vaishalee

[Josiah Carlson]

There currently isn't a good way to do this for Redis. If you need SSL tunneled Redis, there is at least one commercial provider that is available in many cloud hosting environments that offers SSL for additional fees.

 - Josiah

--
You received this message because you are subscribed to the Google Groups "Redis DB" group.
To unsubscribe from this group and stop receiving emails from it, send an email to redis-db+u...@googlegroups.com.
To post to this group, send email to redi...@googlegroups.com.
Visit this group at http://groups.google.com/group/redis-db.
For more options, visit https://groups.google.com/d/optout.

[Vaishalee A]

can you please share provider details?