REDIS SSL connection from spring boot application running in PCF

Learn
Sep 28, 2024


I had set up connectivity between my local Spring Boot application and a REDIS server instance by pointing to JKS files from the application YAML file. This approach would not work for applications running in managed cloud environments, as these environments are spawned at run time, and hence there is no physical location where you can pre-place the JKS files and reference them from your application YAML configuration.

Instead, here I had to write a RedisConfiguration class annotated with "@Configuration". There are two libraries that are used for Redis connectivity: Jedis and Lettuce. I had worked with Jedis.

The RedisConfiguration class had a bean that returns a JedisConnectionFactory. This connection factory is instantiated using two parameters: the redisStandaloneConfiguration and the jedisClientConfiguration.

return new JedisConnectionFactory(redisStandaloneConfiguration, jedisClientConfiguration); 

JedisClientConfiguration

This is where you indicate that SSL needs to be used. This is key. For the connectivity that I had established to REDIS using JKS files, I had a detailed configuration indicating the JKS file location, the file type as JKS, the JKS password, and so on. In comparison, from an SSL standpoint, all you need to specify is useSsl().

The reason for this is that the Spring Boot container is already started using the SSL keys, and the container already has the files needed to do the SSL negotiation with REDIS.

JedisClientConfiguration jedisClientConfiguration =
        JedisClientConfiguration.builder()
                .useSsl()                       // TLS using the JVM/container default key and trust material
                .and()
                .usePooling()
                .poolConfig(jedisPoolConfig)
                .and()
                .readTimeout(Duration.ofMillis(readTimeout))
                .connectTimeout(Duration.ofMillis(connectTimeout))
                .build();

Redis standalone configuration

Redis standalone configuration is where the redis connection info comes in.

RedisStandaloneConfiguration redisStandaloneConfiguration = new RedisStandaloneConfiguration();
redisStandaloneConfiguration.setHostName(host);
redisStandaloneConfiguration.setPort(port);
redisStandaloneConfiguration.setPassword(RedisPassword.of(""));

Password as empty string

This was a googly. The REDIS team had given me the host, port and password when they set up the instance. So naturally, I passed the password that I had been given in the above RedisStandaloneConfiguration. And I got a "Check configuration" kind of error when trying to test the REDIS connection.

That is when I learned that for two-way SSL, the password is not considered. Only the SSL authentication is considered. So the fix was to change the phrase to RedisPassword.of("").
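To check the two points above (that the container already holds the TLS material, and that authentication rests on the client certificate), a stand-alone probe can show what the JVM default context actually negotiates with the Redis endpoint. This is an added example, not the author's code: the class name `RedisTlsProbe` and the host and port arguments are assumptions, and it assumes Jedis is left on the JVM default socket factory.

```java
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;

/** Added diagnostic (hypothetical class name): reports what the JVM default TLS material negotiates. */
public class RedisTlsProbe {

    public static void main(String[] args) throws Exception {
        String host = args[0];                 // Redis host from the service binding (assumed argument)
        int port = Integer.parseInt(args[1]);  // Redis TLS port (assumed argument)

        // JVM default context: the key and trust stores the container was started with.
        SSLContext context = SSLContext.getDefault();
        try (SSLSocket socket = (SSLSocket) context.getSocketFactory().createSocket(host, port)) {
            // Require the server certificate to match the host name we dialled.
            SSLParameters params = socket.getSSLParameters();
            params.setEndpointIdentificationAlgorithm("HTTPS");
            socket.setSSLParameters(params);
            socket.setSoTimeout(5000);
            socket.startHandshake();           // throws SSLHandshakeException if trust or identity fails

            SSLSession session = socket.getSession();
            System.out.println("Protocol:     " + session.getProtocol());
            System.out.println("Cipher suite: " + session.getCipherSuite());
            System.out.println("Server cert:  " + subject(session.getPeerCertificates()));

            // getLocalCertificates() is null when no client certificate was sent:
            // the session is then one-way TLS and the server has not authenticated us by certificate.
            Certificate[] local = session.getLocalCertificates();
            System.out.println("Client cert:  " + (local == null ? "none sent (one-way TLS)" : subject(local)));
        }
    }

    // Subject DN of the leaf certificate, or the certificate type if it is not X.509.
    private static String subject(Certificate[] chain) {
        Certificate leaf = chain[0];
        return leaf instanceof X509Certificate
                ? ((X509Certificate) leaf).getSubjectX500Principal().getName()
                : leaf.getType();
    }
}
```

Run it inside the same container and with the same JVM options as the application, otherwise the default key and trust stores will differ. A "none sent" result means an empty Redis password leaves the connection with no client authentication at all.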

RedisTemplate

RedisTemplate is what I am using to put key-value pairs and to read values from Redis. The Redis template needs to be wired with the configuration that we just established. This is done as below.

@Bean
public RedisTemplate<String, Object> redisTemplate(JedisConnectionFactory jedisConnectionFactory) {
    RedisTemplate<String, Object> redisTemplate = new RedisTemplate<>();
    redisTemplate.setConnectionFactory(
            jedisConnectionFactory(
                    jedisPoolConfig()
            )
    );
    return redisTemplate;
}

JedisPoolConfig

A Jedis pool config needs to be created.

@Bean
public JedisPoolConfig jedisPoolConfig() {
    JedisPoolConfig jedisPoolConfig = new JedisPoolConfig();
    jedisPoolConfig.setMaxTotal(maxTotal);
    // ... setMaxWait, setMaxIdle and setMinIdle are set the same way ...
    return jedisPoolConfig;
}

This is being passed while creating the redisTemplate above.

On the other hand, the ease with which the JKS file based configuration could be done using basic YAML configuration is impressive.
