Java: SSL/TLS for Jedis compatibility layer (#4613)

* Java: SSL/TLS for Jedis compatibility layer

Signed-off-by: Prateek Kumar <prateek.kumar@improving.com>
Signed-off-by: Alex Rehnby-Martin <alex.rehnby-martin@improving.com>

Author: prateek-kumar-improving

java/client/src/main/java/redis/clients/jedis/ConfigurationMapper.java

@@ -26,6 +26,7 @@ public class DefaultJedisClientConfig implements JedisClientConfig {
     private final SSLSocketFactory sslSocketFactory;
     private final SSLParameters sslParameters;
     private final HostnameVerifier hostnameVerifier;
+    private final SslOptions sslOptions;
     private final RedisProtocol redisProtocol;
 
     private DefaultJedisClientConfig(Builder builder) {
@@ -40,6 +41,7 @@ private DefaultJedisClientConfig(Builder builder) {
         this.sslSocketFactory = builder.sslSocketFactory;
         this.sslParameters = builder.sslParameters;
         this.hostnameVerifier = builder.hostnameVerifier;
+        this.sslOptions = builder.sslOptions;
         this.redisProtocol = builder.redisProtocol;
     }
 
@@ -102,6 +104,11 @@ public HostnameVerifier getHostnameVerifier() {
         return hostnameVerifier;
     }
 
+    @Override
+    public SslOptions getSslOptions() {
+        return sslOptions;
+    }
+
     @Override
     public RedisProtocol getRedisProtocol() {
         return redisProtocol;
@@ -119,6 +126,7 @@ public static class Builder {
         private SSLSocketFactory sslSocketFactory;
         private SSLParameters sslParameters;
         private HostnameVerifier hostnameVerifier;
+        private SslOptions sslOptions;
         private RedisProtocol redisProtocol = DEFAULT_PROTOCOL;
 
         public Builder connectionTimeoutMillis(int connectionTimeoutMillis) {
@@ -176,6 +184,11 @@ public Builder hostnameVerifier(HostnameVerifier hostnameVerifier) {
             return this;
         }
 
+        public Builder sslOptions(SslOptions sslOptions) {
+            this.sslOptions = sslOptions;
+            return this;
+        }
+
         public Builder protocol(RedisProtocol redisProtocol) {
             this.redisProtocol = redisProtocol;
             return this;

java/client/src/main/java/redis/clients/jedis/DefaultJedisClientConfig.java

@@ -153,11 +153,9 @@ public Jedis(String host, int port, JedisClientConfig config) {
         this.parentPool = null;
         this.config = config;
 
-        // Validate configuration
-        ConfigurationMapper.validateConfiguration(config);
-
         // Defer GlideClient creation until first Redis operation (lazy initialization)
         // This solves DataGrip compatibility issues with native library loading
+        // Configuration validation happens during mapping when GlideClient is created
         this.glideClient = null;
         this.resourceId = null;
         this.lazyInitialized = false;
@@ -190,6 +188,14 @@ private synchronized void ensureInitialized() {
             this.resourceId = ResourceLifecycleManager.getInstance().registerResource(this);
             i++;
             this.lazyInitialized = true;
+        } catch (ConfigurationMapper.JedisConfigurationException e) {
+            // Enhanced error handling for configuration conversion issues
+            throw new JedisConnectionException(
+                    "Failed to convert Jedis configuration to GLIDE: "
+                            + e.getMessage()
+                            + ". Please check your SSL/TLS certificate configuration or consider using PEM format"
+                            + " certificates.",
+                    e);
         } catch (InterruptedException | ExecutionException e) {
             throw new JedisConnectionException("Failed to create GLIDE client", e);
         } catch (RuntimeException e) {
@@ -719,6 +725,15 @@ public void close() {
                 throw new JedisException("Failed to close GLIDE client", e);
             }
         }
+
+        // Cleanup temporary certificate files created during configuration conversion
+        try {
+            ConfigurationMapper.cleanupTempFiles();
+        } catch (Exception e) {
+            // Log warning but don't fail the close operation
+            System.err.println("Warning: Failed to cleanup temporary certificate files:");
+            e.printStackTrace();
+        }
     }
 
     /**
@@ -6797,4 +6812,23 @@ public String brpoplpush(String source, String destination, int timeout) {
     public byte[] brpoplpush(final byte[] source, final byte[] destination, int timeout) {
         return blmove(source, destination, ListDirection.RIGHT, ListDirection.LEFT, timeout);
     }
+
+    // Static initialization block for cleanup hooks
+    static {
+        // Add shutdown hook to cleanup temporary certificate files
+        Runtime.getRuntime()
+                .addShutdownHook(
+                        new Thread(
+                                () -> {
+                                    try {
+                                        ConfigurationMapper.cleanupTempFiles();
+                                    } catch (Exception e) {
+                                        // Ignore exceptions during shutdown
+                                        System.err.println(
+                                                "Warning: Failed to cleanup temporary certificate files during shutdown:");
+                                        e.printStackTrace();
+                                    }
+                                },
+                                "Jedis-Certificate-Cleanup"));
+    }
 }

java/client/src/main/java/redis/clients/jedis/Jedis.java

@@ -126,8 +126,7 @@ public JedisPool(
         this.availableConnections = new LinkedBlockingQueue<>();
         this.poolId = ResourceLifecycleManager.getInstance().registerResource(this);
 
-        // Validate configuration
-        ConfigurationMapper.validateConfiguration(config);
+        // Configuration validation happens during mapping when connections are created
     }
 
     /**
@@ -192,8 +191,8 @@ protected void returnResource(Jedis jedis) {
                     jedis.getGlideClient().close();
                 } catch (Exception e) {
                     // Log error but don't throw - we're in cleanup mode
-                    System.err.println(
-                            "Warning: Failed to close Jedis connection when pool queue full: " + e.getMessage());
+                    System.err.println("Warning: Failed to close Jedis connection when pool queue full:");
+                    e.printStackTrace();
                 }
             }
         } else if (jedis != null) {
@@ -204,7 +203,8 @@ protected void returnResource(Jedis jedis) {
                     jedis.getGlideClient().close();
                 } catch (Exception e) {
                     // Log error but continue
-                    System.err.println("Error closing returned connection: " + e.getMessage());
+                    System.err.println("Error closing returned connection:");
+                    e.printStackTrace();
                 }
             }
         }
@@ -240,7 +240,8 @@ public void close() {
                     jedis.getGlideClient().close();
                 } catch (Exception e) {
                     // Log error but continue closing other connections
-                    System.err.println("Error closing connection: " + e.getMessage());
+                    System.err.println("Error closing connection:");
+                    e.printStackTrace();
                 }
             }
 

java/client/src/main/java/redis/clients/jedis/JedisPool.java

@@ -160,7 +160,8 @@ private void closeQuietly(AutoCloseable resource) {
                 resource.close();
             } catch (Exception e) {
                 // Log the error but don't throw
-                System.err.println("Error closing resource: " + e.getMessage());
+                System.err.println("Error closing resource:");
+                e.printStackTrace();
             }
         }
     }