Skip to content

feat: expose sslSocketFactory, sslParameters, and hostnameVerifier on RedisStoreBuilder#182

Merged
tanderson-ld merged 1 commit into
launchdarkly:mainfrom
joff9:joff9/redis-ssl-socket-factory
Jun 29, 2026
Merged

feat: expose sslSocketFactory, sslParameters, and hostnameVerifier on RedisStoreBuilder#182
tanderson-ld merged 1 commit into
launchdarkly:mainfrom
joff9:joff9/redis-ssl-socket-factory

Conversation

@joff9

@joff9 joff9 commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

Expose SSL configuration options on RedisStoreBuilder

The JedisPool constructor accepts sslSocketFactory, sslParameters, and hostnameVerifier for customizing TLS behaviour, but all three were hardcoded to null in RedisStoreImplBase, making them unreachable by callers.

This PR exposes all three as builder options on RedisStoreBuilder.

Changes

  • Added sslSocketFactory(SSLSocketFactory), sslParameters(SSLParameters), and hostnameVerifier(HostnameVerifier) methods to RedisStoreBuilder
  • Wired the new fields through to the JedisPool constructor in RedisStoreImplBase
  • All three are no-ops when TLS is not enabled

Note

Medium Risk
Changes affect how TLS Redis connections are established; misconfigured custom SSL or hostname verification could weaken security, though behavior is unchanged unless callers opt in.

Overview
RedisStoreBuilder now lets callers pass SSLSocketFactory, SSLParameters, and HostnameVerifier for TLS Redis connections, matching what JedisPool already supports.

Previously RedisStoreImplBase always passed null for those three constructor arguments, so custom trust stores, cipher suites, or hostname checks were impossible without forking. The new builder fields are forwarded into JedisPool; when TLS is off they are documented as ignored, and unset values still defer to JVM defaults.

Unit tests cover default nulls and that each setter stores the configured instance.

Reviewed by Cursor Bugbot for commit 86fa0cb. Bugbot is set up for automated code reviews on this repo. Configure here.

@joff9 joff9 requested a review from a team as a code owner June 29, 2026 12:53
@tanderson-ld

Copy link
Copy Markdown
Contributor

Thank you for the contribution. I'm reviewing your changes and so far they look good to me. Would you mind providing context for us about your use case that motivated this so we can consider it for our other languages and ecosystems?

@joff9

joff9 commented Jun 29, 2026

Copy link
Copy Markdown
Contributor Author

Thank you for the contribution. I'm reviewing your changes and so far they look good to me. Would you mind providing context for us about your use case that motivated this so we can consider it for our other languages and ecosystems?

Thank you for reviewing the changes!

This was for allowing us to connect to a Valkey instance whose TLS certificate is signed by an internal private CA that isn't in the JVM truststore, so it was needed to provide a custom SSLSocketFactory backed by a trust store that contains our CA certificate.

@tanderson-ld tanderson-ld merged commit d4faba1 into launchdarkly:main Jun 29, 2026
26 checks passed
tanderson-ld pushed a commit that referenced this pull request Jun 29, 2026
…183)

🤖 I have created a release *beep* *boop*
---


##
[3.2.0](launchdarkly-java-server-sdk-redis-store-3.1.1...launchdarkly-java-server-sdk-redis-store-3.2.0)
(2026-06-29)


### Features

* expose sslSocketFactory, sslParameters, and hostnameVerifier on
RedisStoreBuilder
([#182](#182))
([d4faba1](d4faba1))

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).

<!-- CURSOR_SUMMARY -->
---

> [!NOTE]
> **Low Risk**
> Version and changelog-only release with no code changes in the diff.
> 
> **Overview**
> Release Please bumps **launchdarkly-java-server-sdk-redis-store** from
**3.1.1** to **3.2.0** across the monorepo manifest,
`gradle.properties`, and `CHANGELOG.md`.
> 
> The new changelog entry records the **3.2.0** feature shipped in
[#182](#182): optional
`sslSocketFactory`, `sslParameters`, and `hostnameVerifier` on
`RedisStoreBuilder` for custom TLS when connecting to Redis. This PR
does not change library source—only version and release metadata.
> 
> <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit
b49f14f. Bugbot is set up for automated
code reviews on this repo. Configure
[here](https://www.cursor.com/dashboard/bugbot).</sup>
<!-- /CURSOR_SUMMARY -->

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@tanderson-ld

Copy link
Copy Markdown
Contributor

Should now be available in launchdarkly-java-server-sdk-redis-store 3.2.0.

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants