Redis Session State in .Net Framework 4.7.1 with SSL issue

Question

Redis Session State in .Net Framework 4.7.1 with SSL issue

Manish Yadav 26

Hello,

I am trying to use Redis Session State Providers for my web app which is using framework 4.7.1.
We are able to connect to redis with hist and password when the TLS mode in Redis is set to None.
But when we enable TLS mode in redis to "Require all communication to be encrypted" the socket was closed error is seen.

Basically we want to set up ssl when connecting to redis enterprise from. Net using password authenrication. In the web config under session state we have put ssl=true

We are using the configuration mentioned in the below Microsoft doc with ssl=true.

https://learn.microsoft.com/en-us/azure/azure-cache-for-redis/cache-aspnet-session-state-provider

Our belief was that iis would verify the redis cert and the transport layer would be ssl encrypted but it's not working.

Any guidance would be much appreciated.

Thank you!!

GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-07-29T15:56:35.003+00:00

Hi, @Manish Yadav Welcome to the Microsoft Q&A forum, and thanks for reaching out.
Can you please share the error message/screenshot you are seeing?

Regards
Geetha
Manish Yadav 26 Reputation points

2022-07-29T16:33:30.107+00:00

The error reads... The socket was closed. There was no open connection to the redis instance.

Do you have any sample of one way ssl with redis and. Net for session state.

2 way ssl is not posible as there is no config to pass the client cert to redis in the. Net web configconfig and we are ok with that and can continue using password for authentication but how to atleast ensure transport layer is secured.
GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-07-29T17:27:44.43+00:00

@Manish Yadav Are you connecting to port 6380 on the cache? In Redis, port 6379 is used for non-SSL traffic, and 6380 for SSL.

Regrads
Geetha
Manish Yadav 26 Reputation points

2022-07-29T18:20:44.477+00:00

We are using redis enterprise on prem and the redis team has given a host and password. The port is a tcp port.
I asked them specifically for tls port but they say they don't have separate tls port.

Accepted answer

0 additional answers

Your answer

GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-07-29T15:56:35.003+00:00

Hi, @Manish Yadav Welcome to the Microsoft Q&A forum, and thanks for reaching out.
Can you please share the error message/screenshot you are seeing?

Regards
Geetha
Manish Yadav 26 Reputation points

2022-07-29T16:33:30.107+00:00

The error reads... The socket was closed. There was no open connection to the redis instance.

Do you have any sample of one way ssl with redis and. Net for session state.

2 way ssl is not posible as there is no config to pass the client cert to redis in the. Net web configconfig and we are ok with that and can continue using password for authentication but how to atleast ensure transport layer is secured.
GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-07-29T17:27:44.43+00:00

@Manish Yadav Are you connecting to port 6380 on the cache? In Redis, port 6379 is used for non-SSL traffic, and 6380 for SSL.

Regrads
Geetha
Manish Yadav 26 Reputation points

2022-07-29T18:20:44.477+00:00

We are using redis enterprise on prem and the redis team has given a host and password. The port is a tcp port.
I asked them specifically for tls port but they say they don't have separate tls port.

Answer 1

GeethaThatipatri-MSFT 29,542 Microsoft Employee Moderator

@Manish Yadav Thanks for providing more information, If you are running Redis on-prem, there’s probably not much we can do to help here – you will need to continue working with Redis Inc. Our team only supports the Redis service running in Azure.

Please let me know if you need any additional information

Regards
Geetha

Manish Yadav 26 Reputation points

2022-07-29T19:10:40.423+00:00

Thank you, understood your point.
But as a general question even with redis azure cache can you explain how 1 way ssl works. Simply mentioning ssl=true in the web cinfig will make sure that. Net will download the redis cert and verify the cert during handshake or do i have to manually install the redis cluster cert in iis cert manager?
GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-08-02T12:17:21.793+00:00

@Manish Yadav The client will verify the cert automatically without the cert needing to be installed. It works basically the same as how web browsers verify and encrypt communications with https:// websites.

Thank you for visiting the Microsoft QA forums! Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community

Regards
Geetha
GeethaThatipatri-MSFT 29,542 Reputation points Microsoft Employee Moderator

2022-08-04T13:00:09.117+00:00

@Manish Yadav Please do not forget to "Accept the answer" wherever the information provided helps you to help others in the community

Regards
Geetha

Share via

Redis Session State in .Net Framework 4.7.1 with SSL issue

0 additional answers

Your answer