I have started to use Redisson Caching instead of Jedis to be able to use the read replicas. I am using the bastion server to connect to the remote instance of AWS.
#ssh -f -N [email protected] -L 6379:master.redis-clusterXXXX.amazonaws.com:6379
The Jedis config was straightforward and worked well.
    JedisConnectionFactory jedisConnectionFactory() {
        JedisConnectionFactory jedisConFactory = new JedisConnectionFactory();
        jedisConFactory.setHostName("localhost");
        jedisConFactory.setPassword("***");
        jedisConFactory.setPort(6379);
        jedisConFactory.setUseSsl(true);
        return jedisConFactory;
    }
Unfortunately, with the Redisson config it never connects and gives the following trace:
2024-01-02 16:25:56.358 INFO [,,] 76194 --- [ main] org.redisson.Version : Redisson 3.25.2
2024-01-02 16:25:56.758 ERROR [,,] 76194 --- [isson-netty-1-3] o.r.client.handler.ErrorsLoggingHandler : Exception occured. Channel: [id: 0xeb016650, L:0.0.0.0/0.0.0.0:57690]
io.netty.handler.codec.DecoderException: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching localhost found.
at io.netty.handler.codec.ByteToMessageDecoder.callDecode(ByteToMessageDecoder.java:499)
at io.netty.handler.codec.ByteToMessageDecoder.channelRead(ByteToMessageDecoder.java:290)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:444)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at io.netty.channel.AbstractChannelHandlerContext.fireChannelRead(AbstractChannelHandlerContext.java:412)
at io.netty.channel.DefaultChannelPipeline$HeadContext.channelRead(DefaultChannelPipeline.java:1410)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:440)
at io.netty.channel.AbstractChannelHandlerContext.invokeChannelRead(AbstractChannelHandlerContext.java:420)
at io.netty.channel.DefaultChannelPipeline.fireChannelRead(DefaultChannelPipeline.java:919)
at io.netty.channel.nio.AbstractNioByteChannel$NioByteUnsafe.read(AbstractNioByteChannel.java:166)
at io.netty.channel.nio.NioEventLoop.processSelectedKey(NioEventLoop.java:788)
at io.netty.channel.nio.NioEventLoop.processSelectedKeysOptimized(NioEventLoop.java:724)
at io.netty.channel.nio.NioEventLoop.processSelectedKeys(NioEventLoop.java:650)
at io.netty.channel.nio.NioEventLoop.run(NioEventLoop.java:562)
at io.netty.util.concurrent.SingleThreadEventExecutor$4.run(SingleThreadEventExecutor.java:997)
at io.netty.util.internal.ThreadExecutorMap$2.run(ThreadExecutorMap.java:74)
at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: javax.net.ssl.SSLHandshakeException: No subject alternative DNS name matching localhost found.
The AWS Redis Instance Config
Any leads on this?

I had to disable the setting, setSslEnableEndpointIdentification(false), so that the hostname checker does not run for localhost.

Please note: the issue occurs because I am using a bastion. People trying to access the Redis cluster directly shouldn't have any trouble with it.
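
With endpoint identification switched off, nothing checks whose certificate answers on the forwarded port. The check below keeps hostname verification on and confirms, through the tunnel, that the certificate is valid for the real endpoint name. It is an added example, not code from the question or the answer; it uses plain JSSE rather than Redisson, the class and method names are illustrative, and it assumes the SSH forward on localhost:6379 is up and the real endpoint host name is passed as the first argument.

```java
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;

// Hypothetical helper: TCP goes to the tunnel, the TLS name check uses the real host name.
public class TunnelCertCheck {

    // Returns the leaf certificate's subject and SANs if it is trusted and matches
    // expectedHost; throws SSLHandshakeException otherwise.
    static String verify(String tunnelHost, int tunnelPort, String expectedHost) throws Exception {
        Socket tcp = new Socket();
        try {
            tcp.connect(new InetSocketAddress(tunnelHost, tunnelPort), 5000);
            tcp.setSoTimeout(5000);
            SSLSocketFactory factory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            // Layer TLS over the tunnel socket; expectedHost drives SNI and the name check.
            SSLSocket tls = (SSLSocket) factory.createSocket(tcp, expectedHost, tunnelPort, true);
            SSLParameters params = tls.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS"); // hostname verification stays on
            tls.setSSLParameters(params);
            tls.startHandshake();
            X509Certificate leaf = (X509Certificate) tls.getSession().getPeerCertificates()[0];
            return leaf.getSubjectX500Principal().getName()
                    + " SANs=" + leaf.getSubjectAlternativeNames();
        } finally {
            tcp.close(); // also tears down the TLS layer on top of it
        }
    }

    public static void main(String[] args) throws Exception {
        String expectedHost = args[0]; // the host part of the -L forward in the question
        System.out.println("Matches " + expectedHost + ": " + verify("localhost", 6379, expectedHost));
        try {
            verify("localhost", 6379, "localhost");
        } catch (SSLHandshakeException e) {
            // Same failure as in the trace: the certificate has no SAN for "localhost".
            System.out.println("Checked against localhost: " + e.getMessage());
        }
    }
}
```

If the first call fails, the listener on localhost:6379 is not presenting a certificate for the expected endpoint, and the setting from the answer would hide that.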