TLS replication without client authentication

36 views
Skip to first unread message

gkkum...@gmail.com

unread,
Apr 12, 2022, 1:45:29 PMApr 12
to Redis DB
I am having the standalone master and slave setup. The self-signed certificates are created dynamically on master & slave. Trying to enable the TLS replication without client authentication.

Configuration on Master & Slave:

tls-port 6380
tls-auth-clients no
tls-replication yes
tls-cert-file "/redis/tls/redis.crt"
tls-key-file "/redis/tls/redis.key"
tls-ca-cert-file "/redis/tls/ca.crt"
tls-protocols "TLSv1.2"

Getting the following error 
Master log
6866:M 12 Apr 2022 22:56:10.556 # Error accepting a client connection: error:1409441B:SSL routines:ssl3_read_bytes:tlsv1 alert decrypt error

Slave log
58479:S 12 Apr 2022 22:56:18.582 * MASTER <-> REPLICA sync started
58479:S 12 Apr 2022 22:56:18.586 # Error condition on socket for SYNC: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding

Since having the different self-signed certificates on master & slave facing the above error. I would like to know whether it's possible to enable the tls-replication without the client authentication. Kindly let me know. 
Reply all
Reply to author
Forward
0 new messages