Community Redis and default TLS

Hi there,

I have just implemented TLS on a stand-alone Redis community edition using this github page:

All went very well on Ubuntu and I managed to implement on Centos8 with a bit of tweaking.

I just wondered if there are plans for TLS support to be default i.e. after a yum/apt install as opposed to a compile?

Then I also wondered (and I am testing this myself and will report back :grinning: ) If once I, let’s say have three nodes completed with TLS installed, if then making a Sentinel cluster out of these has any issues.



Hi John,

I’ll let other weigh in on whether TLS will be available by default on compile, but yes you can run Sentinel with TLS. Some docs mention this here: TLS Support – Redis


Hi Kyle,

thanks very much for the reply. Yes I was encouraged by the data in the link. Will plug in progress here as we go along.




Hi Kyle (and anyone else out there),
So while moving slowing on our tls implementation I find myself in a new quandary.
As mentioned earlier, we managed to implement tls on a stand-alone redis on Centos 8. We then created two new instances and implemented Sentinel between the three. It appears that (after some challenges — Actually on that for anybody else, the main issue was with some renames which were done to the redis.conf --), we can use the instance and it appears that all the inter node connections work.
Further, we can connect directly to the master with a Python script the connection being as follows:
from redis.sentinel import Sentinel
import redis

keyint = 1


redis_client = redis.StrictRedis(’,
print(“Hello once more”)

redis_client.set(‘senttest11111’, ‘test 02’)

The set works fine here.

So the next step was to use sentinel from a python script. We had some issues here so we stripped it down just to do the discover as follows:

from redis.sentinel import Sentinel
import redis
keyint = 1

keyint1 = 1

sentinel = Sentinel([(‘host1’,26379),



host, port = sentinel.discover_master(‘master01’)
It seems to fail on the discover with:

:\Users\ABJC587\AppData\Local\Programs\Python\Python38\python.exe C:/Users/ABJC587/PycharmProjects/newproj/venv/
Traceback (most recent call last):
File “C:/Users/ABJC587/PycharmProjects/newproj/venv/”, line 16, in
host, port = sentinel.discover_master(‘master01’)
File “C:\Users\ABJC587\AppData\Local\Programs\Python\Python38\lib\site-packages\redis\”, line 219, in discover_master
raise MasterNotFoundError(“No master found for %r” % (service_name,))
redis.sentinel.MasterNotFoundError: No master found for ‘master01’

Process finished with exit code 1

Then in the sentinel log we see:

55755:X 20 Jul 2021 09:24:16.133 # Error accepting a client connection: error:1408F10B:SSL routines:ssl3_get_record:wrong version number

I believe that the various parameters are correct (tls-replication) for both Sentinel. I have also tried running the Python program on another Linux box which also has Redis installed just in case this is because I was running in Windows but I receive the same error.
My thoughts are that the sentinel connection need some more parameters but I cannot find what they might be so any help appreciated.

So keeping the saga going for anyone who is interested :slight_smile: CE, Sentinel, TLS mainly working well. Some of the issues I had are actually embarrassments such as not stopping the firewall, and even not restarting the Sentinel service after a config change. In any case my simple Python program is able to connect to Sentinel, determine the master etc. and work away!

Having some difficulty getting Redis Insight to connect though.