TLS replication without client authentication


gkkum...@gmail.com

Apr 12, 2022, 1:45:29 PM
to Redis DB
I have a standalone master and slave setup. The self-signed certificates are created dynamically on the master and slave. I am trying to enable TLS replication without client authentication.

Configuration on Master & Slave:

tls-port 6380
tls-auth-clients no
tls-replication yes
tls-cert-file "/redis/tls/redis.crt"
tls-key-file "/redis/tls/redis.key"
tls-ca-cert-file "/redis/tls/ca.crt"
tls-protocols "TLSv1.2"

I am getting the following error:
Master log
6866:M 12 Apr 2022 22:56:10.556 # Error accepting a client connection: error:1409441B:SSL routines:ssl3_read_bytes:tlsv1 alert decrypt error

Slave log
58479:S 12 Apr 2022 22:56:18.582 * MASTER <-> REPLICA sync started
58479:S 12 Apr 2022 22:56:18.586 # Error condition on socket for SYNC: error:0407008A:rsa routines:RSA_padding_check_PKCS1_type_1:invalid padding

Since the master and slave have different self-signed certificates, I am facing the above error. I would like to know whether it's possible to enable tls-replication without client authentication. Kindly let me know.
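
A check for the situation described in the post, added here as an example and not part of the original message: it generates two independent CAs (constructed test material) and verifies a node certificate against each with `openssl verify`. It assumes a replica still validates the master's certificate against its own tls-ca-cert-file even when tls-auth-clients is set to no; the function names and the temp-directory layout are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original post). All certificates here are
# constructed test material in a temp directory; on real nodes, point
# chain_ok at the peer's redis.crt and the local ca.crt instead.

# chain_ok CA_FILE CERT_FILE: exit 0 only if CERT_FILE verifies against CA_FILE.
chain_ok() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# make_node DIR: generate a CA and a CA-signed redis.crt, as if done on one host.
# Every host uses the same CA subject name but ends up with a different CA key.
make_node() {
    mkdir -p "$1" || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Redis CA" \
        -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null || return 1
    openssl req -new -newkey rsa:2048 -nodes -subj "/CN=redis-node" \
        -keyout "$1/redis.key" -out "$1/redis.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$1/redis.csr" -days 1 \
        -CA "$1/ca.crt" -CAkey "$1/ca.key" -CAcreateserial \
        -out "$1/redis.crt" 2>/dev/null
}

# report LABEL CA_FILE CERT_FILE: print whether the pairing verifies.
report() {
    if chain_ok "$2" "$3"; then
        echo "$1: OK"
    else
        echo "$1: FAIL (certificate does not verify against this CA)"
    fi
}

demo() {
    tmp=$(mktemp -d) || return 1
    make_node "$tmp/master" && make_node "$tmp/replica" || { rm -rf "$tmp"; return 1; }
    # The pairing a replica sees when each host generated its own CA:
    report "replica ca.crt vs master redis.crt" \
        "$tmp/replica/ca.crt" "$tmp/master/redis.crt"
    # The pairing when the replica trusts the CA that signed the master's cert:
    report "master ca.crt  vs master redis.crt" \
        "$tmp/master/ca.crt" "$tmp/master/redis.crt"
    rm -rf "$tmp"
}

demo
```
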