redis 6.2 fails to load with invalid certificate

[chazdnato]

We have been running 6.2-alpine for a while, but since (perhaps) #335, things have been broken:

1:C 02 Dec 2022 21:01:16.896 # oO0OoO0OoO0Oo Redis is starting oO0OoO0OoO0Oo
1:C 02 Dec 2022 21:01:16.896 # Redis version=6.2.7, bits=64, commit=00000000, modified=0, pid=1, just started
1:C 02 Dec 2022 21:01:16.897 # Configuration loaded
1:M 02 Dec 2022 21:01:16.905 # Failed to load certificate: /usr/local/etc/redis/server.crt: error:0A00018E:SSL routines::ca md too weak
1:M 02 Dec 2022 21:01:16.905 # Failed to configure TLS. Check logs for more info.

Of note is error:0A00018E:SSL routines::ca md too weak, which likely has to do with the latest openssl versions included in Alpine 3.7

[yosifkit]

Yeah, Alpine 3.17 changed their default openssl to version 3 and so it seems the same as https://superuser.com/a/1737060. So, I'd recommend regenerating your CA and certificates with secure ciphers.

You can still pull the Alpine 3.16 based images via docker pull redis:6.2-alpine3.16 (but they currently won't be updated any longer).

[chazdnato]

Ah, this then must be redirected to Kong, the problem I'm having is with their kong-pongo product:

https://github.com/Kong/kong-pongo/tree/master/assets/redis

Thank you for the quick response, and I'll redirect there!