Skip to content

Comments

修复 Redis TLS 连接中的 SNI 配置问题#93

Merged
ding113 merged 3 commits intoding113:mainfrom
Silentely:main
Nov 9, 2025
Merged

修复 Redis TLS 连接中的 SNI 配置问题#93
ding113 merged 3 commits intoding113:mainfrom
Silentely:main

Conversation

@Silentely
Copy link
Contributor

@Silentely Silentely commented Nov 9, 2025
edited
Loading

  • 修复 Bull 队列在 TLS 连接时无法正确配置 SNI 的问题
  • 将队列配置从 Redis URL 字符串改为 RedisOptions 对象,以便显式设置 TLS 参数
  • 在 ioredis 客户端中添加显式的 hostname 配置用于 SNI 支持
  • 增加 URL 解析错误处理,在配置错误时抛出异常停止启动
  • 确保用户名和密码能够正确传递给 Redis 连接

close #92

2025-11-09T00:19:14.728046457Z {"level":"info","time":1762647554727,"pid":1,"hostname":"d1294c71d50b","msg":"Database migrations completed successfully!"}
2025-11-09T00:19:16.611279372Z {"level":"info","time":1762647556610,"pid":1,"hostname":"d1294c71d50b","msg":"✓ Price table already exists, skipping seed initialization"}
2025-11-09T00:19:17.317941154Z {"level":"info","time":1762647557316,"pid":1,"hostname":"d1294c71d50b","action":"cleanup_queue_initializing","redisUrl":"rediss://default:***@valkey-22-22-22.e.22.com:22528"}
2025-11-09T00:19:17.349720948Z {"level":"info","time":1762647557317,"pid":1,"hostname":"d1294c71d50b","msg":"[CleanupQueue] Using TLS connection (rediss://)"}
2025-11-09T00:19:17.350125552Z {"level":"info","time":1762647557337,"pid":1,"hostname":"d1294c71d50b","action":"cleanup_queue_initialized"}
2025-11-09T00:19:17.350158159Z {"level":"info","time":1762647557338,"pid":1,"hostname":"d1294c71d50b","action":"auto_cleanup_disabled"}
2025-11-09T00:19:19.047943890Z {"level":"info","time":1762647559047,"pid":1,"hostname":"d1294c71d50b","action":"notification_queue_initializing","redisUrl":"rediss://default:***@valkey-22-22-22.e.22.com:22528"}
2025-11-09T00:19:19.053487296Z {"level":"info","time":1762647559047,"pid":1,"hostname":"d1294c71d50b","msg":"[NotificationQueue] Using TLS connection (rediss://)"}
2025-11-09T00:19:19.053592895Z {"level":"info","time":1762647559050,"pid":1,"hostname":"d1294c71d50b","action":"notification_queue_initialized"}
2025-11-09T00:19:19.053632965Z {"level":"info","time":1762647559050,"pid":1,"hostname":"d1294c71d50b","action":"notifications_disabled"}
2025-11-09T00:19:19.577367750Z {"level":"info","time":1762647559574,"pid":1,"hostname":"d1294c71d50b","msg":"Application ready"}
2025-11-09T00:19:20.531231449Z {"level":"info","time":1762647560530,"pid":1,"hostname":"d1294c71d50b","gaThreshold":2,"msg":"[ClientVersionChecker] GA_THRESHOLD configured"}
2025-11-09T00:19:21.391665803Z (node:1) ExperimentalWarning: SQLite is an experimental feature and might change at any time
2025-11-09T00:19:21.391745346Z (Use `node --trace-warnings ...` to show where the warning was created)
2025-11-09T00:19:21.394592233Z {"level":"info","time":1762647560534,"pid":1,"hostname":"d1294c71d50b","msg":"[Redis] Using TLS connection (rediss://)"}
2025-11-09T00:19:21.394625971Z {"level":"warn","time":1762647560535,"pid":1,"hostname":"d1294c71d50b","msg":"SessionTracker: Redis not ready, skipping initialization"}
2025-11-09T00:19:21.394637191Z {"level":"info","time":1762647560535,"pid":1,"hostname":"d1294c71d50b","msg":"[SensitiveWordCache] Reloading sensitive words from database..."}
2025-11-09T00:19:21.670778738Z {"level":"info","time":1762647561669,"pid":1,"hostname":"d1294c71d50b","msg":"[Redis] Connected successfully"}
2025-11-09T00:19:23.485328501Z {"level":"info","time":1762647563484,"pid":1,"hostname":"d1294c71d50b","msg":"[SensitiveWordCache] Loaded 0 sensitive words: contains=0, exact=0, regex=0"}

cto-new bot and others added 3 commits November 8, 2025 16:18
@cto-new
fix(redis): support rediss:// TLS connections for cloud Redis providers
97ff7a0 
Previously, connections to cloud Redis platforms using rediss:// URLs could hang due to missing explicit TLS options in the ioredis client initialization. This fix automatically adds the `tls: {}` option when a rediss:// URL is detected, enabling proper TLS handshake for providers like Upstash, AWS, and Azure.

Added a log statement to clarify when a TLS connection is being used. Updated .env.example to document explicit rediss:// (TLS) support as well. This improves Docker deployment compatibility and prevents confusing silent connection failures for secure clusters.
@Silentely
Merge pull request #1 from Cosr-Backup/fix-redis-rediss-tls-handshake…
7f537ef 
…-add-tls-option

Fix Redis client TLS support for rediss:// (cloud) connections
@Silentely
fix: 修复 Redis TLS 连接中的 SNI 配置问题
ebbbb1c 
- 修复 Bull 队列在 TLS 连接时无法正确配置 SNI 的问题
- 将队列配置从 Redis URL 字符串改为 RedisOptions 对象,以便显式设置 TLS 参数
- 在 ioredis 客户端中添加显式的 hostname 配置用于 SNI 支持
- 增加 URL 解析错误处理,在配置错误时抛出异常停止启动
- 确保用户名和密码能够正确传递给 Redis 连接
@ding113 ding113 changed the base branch from main to dev November 9, 2025 04:07
@ding113 ding113 changed the base branch from dev to main November 9, 2025 04:08
@ding113 ding113 merged commit 36e7fb0 into ding113:main Nov 9, 2025
@github-actions github-actions bot mentioned this pull request Dec 18, 2025
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

redis能否支持tls?

2 participants

@Silentely @ding113