Is there a way to specify the TLS version to use in Redisson client?

anutalasu
April 27, 2020
82 views
0 votes
2 Answers

We are using the Redisson client (redisson-3.11.4) to connect to a Redis server. With netty 4.1.42.Final, everything worked fine. But after upgrading to netty 4.1.48.Final, TLSv1 ClientHello is sent and therefore not able to connect to the server. Tried specifying TLSv1.2 by setting jdk.tls.client.protocols system property, but netty doesn’t seem to be honoring it.

Is there a way to specify the TLS version in the Redisson client? We are currently creating the client like this:

Config config = new Config();
config.useSingleServer()
    .setPassword(password)
    .setSslTruststore(trustStoreFile.toUri().toURL())
    .setSslTruststorePassword(truststorePassword)
    .setAddress(endpoint);
RedissonClient client = Redisson.create(config);

Thanks!

Tags: netty redisson

Answers

Chosen as BEST ANSWER
- anutalasu
- May 3, 2020 at 3:25 am
- 0 votes
0
Turns out that this happens with IBM JSSE2 Provider. By default, TLSv1 is enabled. To enable TLS V1.0, V1.1, and V1.2, the com.ibm.jsse2.overrideDefaultTLS system property needs to be set to true.

(Edit)

- NikitaKoksharov
- August 12, 2021 at 8:34 am
- 0 votes
0
Specify sslProtocols setting to define array of allowed SSL protocols

Login or Signup to reply.

Please signup or login to give your own answer.

Click here to cancel reply.