I tried using the Redis-cli to connect to aws. However, it appears that when specifying SSL you have to have certs. There is also no --no-verify option. Is it possible to use the new cli to connect to existing ElastiCache Redis instances that use SSL?
Comment From: rayjlinden
Bueller? Bueller? Anyone?
Comment From: madolson
Hello!
Omitting certificates will make OpenSSL look for the default location on your host. ElastiCache uses certificates vended by ACM, which are usually trusted by in most CA bundles. I think a no-verify option would be okay for testing, but it should probably not be used to connect to a production cluster.
Comment From: rayjlinden
As far as I could tell the only way to tell redis-cli to use TLS is to pass the certs in. Is it possible to make it use TLS without passing the certs? How?
On Tue, May 12, 2020 at 10:32 PM Madelyn Olson notifications@github.com wrote:
Hello!
Omitting certificates will make OpenSSL look for the default location on your host. ElastiCache uses certificates vended by ACM, which are usually trusted by in most CA bundles. I think a no-verify option would be okay for testing, but it should probably not be used to connect to a production cluster.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/antirez/redis/issues/7066#issuecomment-627755711, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKE5LWX3ZMYGSGT5DVE26OLRRIWGDANCNFSM4MCPEKHQ .
Comment From: yossigo
Fixed in #8416