ssl_cert_reqs="required" is not allowing me to connect to Redis
karaburmication opened this issue · 2 comments
I'm trying to implement flask-limiter with Redis 6.
If I use storage_uri without ssl (redis://:p51cd36bc3ea1.........), I'm getting this error:
redis.exceptions.ConnectionError: Error while reading from ec2-.........compute-1.amazonaws.com:29940 : (10054, 'An existing connection was forcibly closed by the remote host', None, 10054, None)
It seems like TLS is mandatory in Redis 6 (unfortunately, I'm not able to downgrade)
If I use storage_uri with ssl (rediss://:p51cd36bc3ea1.........), I'm getting another error:
redis.exceptions.ConnectionError: Error 1 connecting to ec2-............compute-1.amazonaws.com:29940. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1123).
I am able to connect to Redis and update keys/values with this code:
url = urlparse(os.environ.get("REDIS_URL"))
r = redis.Redis(host=str(url.hostname), port=url.port, username=url.username, password=url.password, ssl=True, ssl_cert_reqs=None)
r.set('Key', value, ex=86400)
Is there a way to make flask-limiter use the same method for connecting?
Finally, if I change ssl_cert_reqs="required" to ssl_cert_reqs="none" in class SSLConnection(Connection) (under site-packages\redis\connection.py), everything works, but I guess this is not a good solution as I don't want to change source files.
I can't quickly test this out but if you use rediss://:p51.....?ssl_cert_reqs=none
does that work? Flask-Limiter simply passes the storage uri to limits which in turn passed it on to Redis.from_url
which from the looks of the code should work.
Since this was also raised in alisaifee/flask-limiter#353 I'll close this one.