Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Passing ssl_params in session_store not working #45

Open
carlosbalsas opened this issue Jul 26, 2023 · 2 comments
Open

Passing ssl_params in session_store not working #45

carlosbalsas opened this issue Jul 26, 2023 · 2 comments

Comments

@carlosbalsas
Copy link

carlosbalsas commented Jul 26, 2023
edited
Loading

I have an app in Heroku, I'm trying to do the code below, but seems ssl_params not passing... because I still get the OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 peeraddr=52.214.49.109:23399 state=error: certificate verify failed (self-signed certificate in certificate chain))

Rails.application.config.session_store :redis_store,
                                       url: session_url,
                                       expire_after: 1.day,
                                       key: '_dokspot_session',
                                       domain: domain,
                                       tld_length: tld_length,
                                       secure: secure,
                                       ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }

Any advice?

PS: If I use the cookie_store (default for session_store) it works without a problem so the problem is using Redis with session_store.
@carlosbalsas carlosbalsas changed the title Passing ssl_params in session_store Passing ssl_params in session_store not working Jul 26, 2023
@DaichiSaito
Copy link

How about the code below?

Rails.application.config.session_store :redis_store,
                                       servers: {
                                         url: ENV['REDIS_URL'],
                                         ssl_params: { verify_mode: OpenSSL::SSL::VERIFY_NONE }
                                       }
                                       expire_after: 1.day

@rjherrera
Copy link

I came to this repo to propose a change in the README.md regarding the servers option and I found the great answer by @DaichiSaito, which basically does the same as I did to solve the issue I was having with Heroku and Redis.

I think the documentation could be clearer in stating the possibilities for the servers option.

What I did is very similar to what DaichiSaito proposes.

redis_config = Rails.application.config_for(:redis)

Rails.application.config.session_store :redis_store,
                                       servers: [redis_config],
                                       expire_after: 30.days,
                                       key: '_app_session'

which has the benefit of reusing the redis config found in my redis.yml file, to centralize the ssl_params setting and all other options.

Maybe the servers option should say something in the lines of "is an Array of Redis server URLs that we will attempt to find data from, it can also be an array of hashes with the options accepted by the redis-client initialization".

Do you guys agree with this change? Should I create a PR?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DaichiSaito @rjherrera @carlosbalsas