Connecting Azure redis cache using hiredis c client.

Question

• How to connect azure redis cache service using hiredis C client?
• As per hiredis client doc hiredis[ssl] needed to build and redisCreateSSLContext will establish a connection. Azure providing only access key but no certificate, so how to use redisCreateSSLContext with the access key alone?
• In the azure cache for Redis FAQ, the note says "If your client does not support TLS, then you must enable the non-TLS port by following the directions in the Access ports section of the Configure a cache in Azure Cache for Redis article". Is it safe to use non-TLS port in production?

Answer 1

@Ramesh - Please find the following information in response to each data point but do please let me know if you have any additional questions, as subsequent comments.

The HIREDIS client is a minimalistic client that runs in a {bash} shell environment (See: Redis Clients). Please see the official project repository for more information. It requires SSL/TLS bindings to be built into the solution but it does offer encryption support if you choose to deploy it otherwise, you can enable the non SSL port and connect to Redis without encryption support. This approach is not advised but there are measures you can take to mitigate exposure such as deploying the production instance in a VNET, and using service tags to limit traffic by type, etc.

Please also be aware of the effort to make TLS 1.2 the baseline version throughout Azure:

Preparing for TLS 1.2 in Microsoft Azure

Regards,
Mike