When the spring boot application was connected to the REDIS instance, and I looked at the code to see what files had changed — there was only one file that had changed, the application.yaml file for the application. That is the level of support that spring boot garners.
Application yaml snippet representation
spring
data
redis
host: <host name>
port: <port number>
password: <redis password>
ssl:
enabled: true
bundle: myappbundle
security:
myappbundle:
file: <path to key store file>
password: <key store password>
type: JKS
alias: <my app name> This is not the exact syntax, but the gist is that you had a spring->data->redis portion in the yaml that had the host,port,password details. There was an spring ssl bundle section which had the path to the key store file to be used for SSL negotiation, the password to that keystore, and other such SSL related specifics, and this bundle had a name <myappbundle>, and this would get referenced from the spring data redis ssl section as represented above.
REDIS health check logs showed local host instead of <my host>
The reason for this was that I had spring data redis ssl as true, where as I should have had spring data redis ssl enabled as true. YAMLs are small and easy looking when it is all working, but just as painful when they don’t.
Alias not found error
The alias name in the SSL bundle was incorrect. Fixed when the right alias was provided.
Unknown CA error
This was happening because the JKS file that I was using did not have a trust entry corresponding to the trust entry configured on the REDIS service instance that I was trying to connect with.
Certificate required error
I got a new JKS file with the trust entries. This time the failure was due to the primary key entry missing in the JKS file. This was diagnosed using the keytool command that can be used to see the entries within the JKS file.
Incorrect password error
Once the JKS file was fixed to have the trust entries as well as the primary key entry, the connection would fail with incorrect password error as the key store password had recently been updated.
Once the right password was passed in, connection worked on the REDIS health check API. The RedisTemplate was correctly configured now, and I could use it to write to REDIS as well as read from it.
