Redis 6.0.5 TLS issue in Kubernetes : SSL routines:ssl3_get_record:wrong version number #7454
Description
I've deployed redis 6.0.5 in Kubernetes and enable TLS.
The config file :
cluster-enabled yes
cluster-require-full-coverage no
cluster-node-timeout 15000
cluster-config-file /data/nodes.conf
cluster-migration-barrier 1
appendonly yes
protected-mode no
tls-ca-cert-file /etc/tls/redis/ca.pem
tls-key-file /etc/tls/redis/redis-key.pem
tls-cert-file /etc/tls/redis/redis.pem
tls-replication yes
tls-cluster yes
port 0
tls-port 6379
tls-auth-clients no
tls-protocols "TLSv1.2 TLSv1.3"
The healthcheck and readiness are as follow (They are not failing)
readinessProbe:
exec:
command:
- sh
- -c
- "redis-cli -h $(hostname) ping"
initialDelaySeconds: 15
timeoutSeconds: 5
livenessProbe:
exec:
command:
- sh
- -c
- "redis-cli -h $(hostname) ping"
initialDelaySeconds: 20
Right after the servers start I get the following error :
11:S 01 Jul 2020 19:11:42.086 # Error accepting a client connection: error:1408F10B:SSL routines:ssl3_get_record:wrong version number (conn: fd=8)
11:S 01 Jul 2020 19:11:42.087 # Error accepting a client connection: error:1408F10B:SSL routines:ssl3_get_record:wrong version number (conn: fd=8)
11:S 01 Jul 2020 19:11:43.084 # Error accepting a client connection: error:1408F10B:SSL routines:ssl3_get_record:wrong version number (conn: fd=8)
Is there anything I miss in the config ?
Is there anyway to skip certificate check ?