We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
If you try to use Redis Cluster with auto discoverability REDIS returns the IP and the port of the shard containing the key.
When the client tries then to connect to the other shard the certificate check will fail because it does not match the IP
[ErrorException] stream_socket_enable_crypto(): Peer certificate CN=`*.redis.cache.windows.net' did not match expected CN=`XX.XX.XXX.XX'
Inside Azure every shard is on the same IP/domain name but using different ports.
One way to solve this issue would be to allow the override of the host parameter when creating the connection:
host
if ($this->defaults) { $parameters += $this->defaults; if (isset($this->defaults['host'])) { $parameters['host'] = $this->defaults['host']; } }
If you like the solution I'm happy to create a PR for it.
The text was updated successfully, but these errors were encountered:
Didn't know how Azure works with Redis in this case but it makes sense, I'm just not sure about the solution so let me think about it.
PS: I won't suggest to set verify_peer and verify_peer_name to false because it's bad 😃
verify_peer
verify_peer_name
false
Sorry, something went wrong.
Yeah I thought about the same thing :P that would basically defy the purpose of having SSL in the first place.
No branches or pull requests
If you try to use Redis Cluster with auto discoverability REDIS returns the IP and the port of the shard containing the key.
When the client tries then to connect to the other shard the certificate check will fail because it does not match the IP
Inside Azure every shard is on the same IP/domain name but using different ports.
One way to solve this issue would be to allow the override of the
host
parameter when creating the connection:If you like the solution I'm happy to create a PR for it.
The text was updated successfully, but these errors were encountered: