feat: expose sslSocketFactory, sslParameters, and hostnameVerifier on RedisStoreBuilder#182
Conversation
… RedisStoreBuilder
|
Thank you for the contribution. I'm reviewing your changes and so far they look good to me. Would you mind providing context for us about your use case that motivated this so we can consider it for our other languages and ecosystems? |
Thank you for reviewing the changes! This was for allowing us to connect to a Valkey instance whose TLS certificate is signed by an internal private CA that isn't in the JVM truststore, so it was needed to provide a custom SSLSocketFactory backed by a trust store that contains our CA certificate. |
…183) 🤖 I have created a release *beep* *boop* --- ## [3.2.0](launchdarkly-java-server-sdk-redis-store-3.1.1...launchdarkly-java-server-sdk-redis-store-3.2.0) (2026-06-29) ### Features * expose sslSocketFactory, sslParameters, and hostnameVerifier on RedisStoreBuilder ([#182](#182)) ([d4faba1](d4faba1)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Low Risk** > Version and changelog-only release with no code changes in the diff. > > **Overview** > Release Please bumps **launchdarkly-java-server-sdk-redis-store** from **3.1.1** to **3.2.0** across the monorepo manifest, `gradle.properties`, and `CHANGELOG.md`. > > The new changelog entry records the **3.2.0** feature shipped in [#182](#182): optional `sslSocketFactory`, `sslParameters`, and `hostnameVerifier` on `RedisStoreBuilder` for custom TLS when connecting to Redis. This PR does not change library source—only version and release metadata. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit b49f14f. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
|
Should now be available in launchdarkly-java-server-sdk-redis-store 3.2.0. Thank you! |
2 participants
Expose SSL configuration options on RedisStoreBuilder
The JedisPool constructor accepts sslSocketFactory, sslParameters, and hostnameVerifier for customizing TLS behaviour, but all three were hardcoded to null in RedisStoreImplBase, making them unreachable by callers.
This PR exposes all three as builder options on RedisStoreBuilder.
Changes
Note
Medium Risk
Changes affect how TLS Redis connections are established; misconfigured custom SSL or hostname verification could weaken security, though behavior is unchanged unless callers opt in.
Overview
RedisStoreBuilder now lets callers pass SSLSocketFactory, SSLParameters, and HostnameVerifier for TLS Redis connections, matching what JedisPool already supports.
Previously RedisStoreImplBase always passed
nullfor those three constructor arguments, so custom trust stores, cipher suites, or hostname checks were impossible without forking. The new builder fields are forwarded into JedisPool; when TLS is off they are documented as ignored, and unset values still defer to JVM defaults.Unit tests cover default nulls and that each setter stores the configured instance.
Reviewed by Cursor Bugbot for commit 86fa0cb. Bugbot is set up for automated code reviews on this repo. Configure here.