If you have a specific technical inquiry, construct your post with the following:
Summary
Cannot seem to connect to a Redis server with TLS to have encryption in-transit.
Technical details
Kolibri version 0.15.7
We are hosting a Kolibri environment in AWS. We configured two different Redis instances (not clustered) running Redis 6.2.6. One of them is configured to use TLS for encryption in-transit, and one is not.
When setting the CACHE_LOCATION to the one with encryption in-transit we found that Kolibri just hangs. We tried things like (replacing the actual hostname with “endpoin”):
Under the hood, Kolibri is using the Django Redis Cache backend. Looking at the documentation I can find no mention of configuration for encryption in-transit, so it may be a limitation of the cache backend we are using.
I only did a very rudimentary search, so possible I missed something though!
From what I’m seeing, it seems that CONNECTION_POOL_KWARGS needs to be configured to set this, but I am not seeing an option for this in the options.ini file. Is it not possible to specify this setting?
@Brian_LePore No there currently isn’t an option to specify that in Kolibri’s options.ini. With the version of the Python redis package that Kolibri uses, a path ssl_ca_certs would also be required.
So I renamed the file to kolibri.py and moved it to "/usr/lib/python3/dist-packages/kolibri/kolibri.py and set my export to “kolibri.kolibri” (I am knew to Python/django stuff so I’m not that familiar with how things should be set) and once I did that I found my file was at least being referenced.