Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Redis error: Pool initialized with SSL but connection requested plain socket #41548

Closed
jalonsomagnolia opened this issue Jun 28, 2024 · 9 comments · Fixed by #41573
Closed

Redis error: Pool initialized with SSL but connection requested plain socket #41548

jalonsomagnolia opened this issue Jun 28, 2024 · 9 comments · Fixed by #41573
Labels
area/redis kind/bug Something isn't working
Milestone
3.12.1

Comments

@jalonsomagnolia
Copy link

Describe the bug

Hello quarkus team!

We have an application configured for accessing a local Redis. The configuration is simple:

%quarkus.redis.hosts=redis://localhost:6379
%quarkus.redis.client-type=standalone

It works well when using Quarkus 3.11.3. However, it has started to fail after updating to the newer 3.12.0. Now we have this error:

Caused by: io.vertx.core.impl.NoStackTraceThrowable: Pool initialized with SSL but connection requested plain socket

Looking at the release notes, I see "Implementation of the internal TLS Registry". Could it be related? Indeed something has changed in this version.

Thanks in advance!

Expected behavior

No response

Actual behavior

No response

How to Reproduce?

No response

Output of uname -a or ver

No response

Output of java -version

No response

Quarkus version or git rev

No response

Build tool (ie. output of mvnw --version or gradlew --version)

No response

Additional information

No response
@jalonsomagnolia jalonsomagnolia added the kind/bug Something isn't working label Jun 28, 2024
@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Jun 28, 2024

/cc @Ladicek (redis), @cescoffier (redis), @machi1990 (redis)

@cescoffier
Copy link
Member

Anything configured under quarkus.tls?

@jalonsomagnolia
Copy link
Author

Thanks for the quick response. We haven't anything configured under quarkus.tls. I tried also with

quarkus.redis.tls.enabled=false

although I think it's the default value

@jalonsomagnolia
Copy link
Author

Sorry, I just saw we have

quarkus.tls.trust-all=true

Could it be a problem?

@jalonsomagnolia
Copy link
Author

jalonsomagnolia commented Jun 28, 2024
edited
Loading

In fact, after removing that configuration, it works again. Is this something expected?

@geoand
Copy link
Contributor

geoand commented Jun 28, 2024
edited
Loading

Not expected, sounds like a bug, but @cescoffier can provide more details

@geoand
Copy link
Contributor

geoand commented Jun 28, 2024

It seems to me that before 6e1489c quarkus.tls.trust-all only resulted in setting net.setTrustAll(); but now it also affects net.setSsl(), which seems wrong.

I can open a PR if you agree @cescoffier ?

@cescoffier
Copy link
Member

Ok, it's a bug. We need to be a bit more specific.

First TLS for redis is not enabled by default. Only if the host is rediss://.

Trust-all should not enable tls, if the scheme is not rediss://.

@jalonsomagnolia
Copy link
Author

Thanks for the quick response

cescoffier added a commit to cescoffier/quarkus that referenced this issue Jul 1, 2024
@cescoffier
Redis Client - Enable TLS/SSL Only with rediss:// Scheme
0fdf12c 
Previously, if `quarkus.tls.trust-all` was set, the Redis client would automatically use TLS. This commit ensures that TLS is only enabled when the host scheme is rediss://, aligning the behavior with expected usage patterns.

Fix quarkusio#41548
@cescoffier cescoffier mentioned this issue Jul 1, 2024
Merged
@quarkus-bot quarkus-bot bot added this to the 3.13 - main milestone Jul 1, 2024
@gsmet gsmet modified the milestones: 3.13 - main, 3.12.1 Jul 1, 2024
gsmet pushed a commit to gsmet/quarkus that referenced this issue Jul 1, 2024
@cescoffier @gsmet
Redis Client - Enable TLS/SSL Only with rediss:// Scheme
444d8b0 
Previously, if `quarkus.tls.trust-all` was set, the Redis client would automatically use TLS. This commit ensures that TLS is only enabled when the host scheme is rediss://, aligning the behavior with expected usage patterns.

Fix quarkusio#41548

(cherry picked from commit 0fdf12c)
holly-cummins pushed a commit to holly-cummins/quarkus that referenced this issue Jul 31, 2024
@cescoffier @holly-cummins
Redis Client - Enable TLS/SSL Only with rediss:// Scheme
45288d8 
Previously, if `quarkus.tls.trust-all` was set, the Redis client would automatically use TLS. This commit ensures that TLS is only enabled when the host scheme is rediss://, aligning the behavior with expected usage patterns.

Fix quarkusio#41548
danielsoro pushed a commit to danielsoro/quarkus that referenced this issue Sep 20, 2024
@cescoffier @danielsoro
Redis Client - Enable TLS/SSL Only with rediss:// Scheme
f051b2b 
Previously, if `quarkus.tls.trust-all` was set, the Redis client would automatically use TLS. This commit ensures that TLS is only enabled when the host scheme is rediss://, aligning the behavior with expected usage patterns.

Fix quarkusio#41548
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/redis kind/bug Something isn't working
Projects
None yet
Milestone
3.12.1
Development

Successfully merging a pull request may close this issue.

Redis Client - Enable TLS/SSL Only with rediss:// Scheme cescoffier/quarkus
4 participants
@cescoffier @gsmet @geoand @jalonsomagnolia