I, recently, upgraded my data plan from mini to premium in redis, which came with a surprise i.e. "Heroku Data for Redis" add-on no longer exposes both redis and rediss protocols, but defaults to rediss only, which would be fine if Heroku did not use self-signed certificates for redis.
I have an existing NestJS application and the relevant part in it look as follows:
// in app.module.ts
import { RedisModule } from '@liaoliaots/nestjs-redis';
RedisModule.forRootAsync({
imports: [],
inject: [],
useFactory: () => ({
config: {
url: process.env.REDIS_URL, // this starting with rediss::
},
commonOptions: {
tls: {
timeout: 10000,
rejectUnauthorized: false,
requestCert: true,
},
},
}),
}),
This unfortunately, give mes the following error:
Error: self signed certificate in certificate chain
I have tried setting NODE_TLS_REJECT_UNAUTHORIZED to 0, which solves the issue locally, but on heroku, it then gives the following error:
Error accepting a client connection: error:1408F10B:SSL routines:ssl3_get_record:wrong version number
I have not been able to find information on the latter one, and still I'd prefer not to have to resort to NODE_TLS_REJECT_UNAUTHORIZED. Maybe someone can point me in the right direction?