Hi all, hope you are all doing well. Would someone be available to help me
figure out how to connect with SSL using channels_redis?
I made a web app using django channels + channels_redis and I'm having an
issue with configuring SSL. (I want SSL because I have deployed the app to
Google App Engine and I don't want users' messages unsecured.) I have a
Redis instance on RedisLabs with SSL enabled and all the client certs
needed, but I can't find where to plug them into my app settings. I
searched the channels documentation and all the issues on the
channels_redis GitHub page, but the only mention I found was here:
https://github.com/django/channels_redis#symmetric_encryption_keys, "we
advise you to also route your Redis connections over TLS for higher
security."
I noticed that channels_redis/core.py imports aioredis, and the only
function from aioredis, create_redis, is used in the function pop() here:
https://github.com/django/channels_redis/blob/243eb7e4ecfc2e922508e50210884d3c9bae5403/channels_redis/core.py#L71
aioredis however is able to use "ssl" as an argument when establishing the
connection, which channels_redis is not using:
https://github.com/aio-libs/aioredis/blob/922ccfc839ae0a1927ef44e7522a726277bce8a5/aioredis/commands/__init__.py#L171
So, I'm thinking that in order to connect with SSL the channels_redis
module would need a new feature where I could configure SSL in
settings.py/CHANNEL_LAYERS, and then channels_redis would pass my SSL
settings to the function create_redis.
I'm super new to the world of Django and Channels and Redis and also
contributing to open source projects, so hopefully I haven't over or under
explained anything. Including this information because it was mentioned in
the channels_redis GitHub "Submit new issue" form:
- OS: Windows 10
- Runtime: Python 3.7
- Browser: Google Chrome
- requirements.txt file is attached
- Expectations vs reality: Expected to find SSL config options in
home.settings.CHANNEL_LAYERS variable, but there appears to be none
- How I'm running my project: Testing locally using runserver so far,
but also throwing same error using daphne
- Error traceback attached ("ERR unencrypted connection is prohibited")
Am I missing something, or do you suggest I submit this as a new request
somewhere?
Thank you!
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/f6865cca-8c60-4cd6-91c5-a49e70e2962bn%40googlegroups.com.
2021-01-19 17:58:37,041 - ERROR - server - Exception inside application: ERR
unencrypted connection is prohibited
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels\sessions.py",
line 175, in __call__
return await self.inner(receive, self.send)
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels\middleware.py",
line 41, in coroutine_call
await inner_instance(receive, send)
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels\consumer.py",
line 54, in __call__
await await_many_dispatch([receive, self.channel_receive], self.dispatch)
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels\utils.py", line
50, in await_many_dispatch
await dispatch(result)
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels\consumer.py",
line 67, in dispatch
await handler(message)
File "D:\projects\my_project\web_app\src\stories\consumers.py", line 40, in
websocket_connect
self.channel_name # default attribute
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels_redis\core.py",
line 583, in group_add
async with self.connection(self.consistent_hash(group)) as connection:
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels_redis\core.py",
line 820, in __aenter__
self.conn = await self.pool.pop()
File
"D:\projects\my_project\web_app\env\lib\site-packages\channels_redis\core.py",
line 70, in pop
conns.append(await aioredis.create_redis(**self.host, loop=loop))
File
"D:\projects\my_project\web_app\env\lib\site-packages\aioredis\commands\__init__.py",
line 175, in create_redis
loop=loop)
File
"D:\projects\my_project\web_app\env\lib\site-packages\aioredis\connection.py",
line 133, in create_connection
await conn.auth(password)
File "D:\projects\my_project\web_app\env\lib\site-packages\aioredis\util.py",
line 52, in wait_ok
res = await fut
ERR unencrypted connection is prohibitedaioredis==1.3.1
asgiref==2.3.2
async-timeout==3.0.1
attrs==20.3.0
autobahn==20.12.3
Automat==20.2.0
cffi==1.14.4
channels==2.1.2
channels-redis==2.3.2
constantly==15.1.0
cryptography==3.3.1
daphne==2.2.5
Django==2.0.7
et-xmlfile==1.0.1
hiredis==1.1.0
hyperlink==20.0.1
idna==2.10
incremental==17.5.0
jdcal==1.4.1
msgpack==0.5.6
numpy==1.19.5
openpyxl==3.0.6
pandas==1.2.0
Pillow==8.1.0
psycopg2==2.8.6
pyasn1==0.4.8
pyasn1-modules==0.2.8
pycparser==2.20
PyHamcrest==2.0.2
pyOpenSSL==20.0.1
python-dateutil==2.8.1
pytz==2018.5
redis==2.10.6
reportlab==3.5.59
service-identity==18.1.0
six==1.15.0
sqlparse==0.4.1
Twisted==20.3.0
txaio==20.12.1
zope.interface==5.2.0
