Redis certificate verify failed #715

@D1StrX

Description

The Helm chart version

6.0.25

Environment Versions

Kubernetes 1.31

Custom chart values

tasksDatabase:
  database: 2
  ssl: true
  insecureSkipTlsVerify: false
  # When defining caCertPath, make sure you mount the secret containing the CA certificate on all the necessary containers
  caCertPath: "/tmp/ca.crt"

  # Used only when valkey.enabled is false. host and port are not used if
  # sentinels are given.
  host: <redis-endpoint>
  port: 6378
  sentinels: []
  #  - mysentinel:26379
  sentinelService:
  sentinelTimeout:
  username: ""
  password: ""
  existingSecretName: "secret-with-auth"
  existingSecretKey: "authkey"


cachingDatabase:
  database: 1
  ssl: true
  insecureSkipTlsVerify: false
  # When defining caCertPath, make sure you mount the secret containing the CA certificate on all the necessary containers
  caCertPath: "/tmp/ca.crt"

  # Used only when valkey.enabled is false. host and port are not used if
  # sentinels are given.
  host: <redis-endpoint>
  port: 6378
  sentinels: []
  #  - mysentinel:26379
  sentinelService:
  sentinelTimeout:
  username: ""
  password: ""
  existingSecretName: "secret-with-auth"
  existingSecretKey: "authkey"

... # for every pod this volumemount
  extraVolumes:
    - name: redis-ca-secret
      secret:
        secretName: redis-ca-secret
  extraVolumeMounts:
    - name: redis-ca-secret
      mountPath: /tmp/ca.crt
      subPath: ca
      readOnly: true

Current Behavior & Steps to Reproduce

Upgrading from Netbox chart 5.0.72 -> 6.0.25
Migrated the Redis config to Valkey config, and now it fails to verify the certificate for the Redis connection. The CA is correctly mounted in the pod.

Expected Behavior

A working SSL connection to Redis, maybe an ENV isn't set?
I can't find an ENV with CA_CERT_PATH in the Netbox pod.

NetBox Logs

redis.exceptions.ConnectionError: Error 1 connecting to <redis-endpoint>:6378. [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: Hostname mismatch, certificate is not valid for '<redis-endpoint>'. (_ssl.c:1000).
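
The log line above gives "Hostname mismatch" as the verification failure, which is a separate check from trusting the CA: the name the client connects to has to appear in the server certificate's subjectAltName. As an added example (not part of the original issue or the chart's code), here is a simplified Python version of that name check; the SAN entries and hostnames are constructed sample values.

```python
import ipaddress

def _is_ip(value):
    """True if value parses as an IPv4 or IPv6 address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def dns_name_matches(pattern, host):
    """Match one dNSName SAN entry against a hostname (case-insensitive).
    Simplification: '*' is honoured only as the entire leftmost label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False                      # a wildcard covers exactly one label
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]   # reject overly broad '*.tld'
    return p == h

def host_matches_cert(host, sans):
    """sans: (type, value) pairs shaped like getpeercert()['subjectAltName']."""
    if _is_ip(host):
        want = ipaddress.ip_address(host)
        # An IP target is only compared against iPAddress entries, never DNS names.
        return any(t == "IP Address" and _is_ip(v) and ipaddress.ip_address(v) == want
                   for t, v in sans)
    return any(t == "DNS" and dns_name_matches(v, host) for t, v in sans)

def explain(host, sans):
    """Return 'ok' or a message naming the SAN entries the host was checked against."""
    if host_matches_cert(host, sans):
        return "ok"
    names = ", ".join(v for _, v in sans) or "(none)"
    return f"hostname mismatch: {host!r} not in SAN [{names}]"

# Constructed sample: SAN list of a hypothetical Redis server certificate.
SAMPLE_SANS = [
    ("DNS", "redis.internal.example"),
    ("DNS", "*.cache.internal.example"),
    ("IP Address", "10.0.0.5"),
]

if __name__ == "__main__":
    for target in ("redis.internal.example", "node1.cache.internal.example",
                   "a.b.cache.internal.example", "10.0.0.6", "redis-lb.example.net"):
        print(target, "->", explain(target, SAMPLE_SANS))
```

A correctly mounted CA does not change the result of this comparison; only the value used as `host` and the names in the certificate do.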

Labels: bug (Something isn't working)
