The Fix
pip install redis==7.1.0
Based on closed redis/redis-py issue #1767 · PR/commit linked
@@ -42,4 +42,4 @@ pip install ${PKG}
# RedisCluster tests
CLUSTER_URL="redis://localhost:16379/0"
-pytest -m 'not onlynoncluster and not redismod' --redis-url=${CLUSTER_URL}
+pytest -m 'not onlynoncluster and not redismod and not ssl' --redis-url=${CLUSTER_URL}
diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
Option A — Upgrade to fixed release\npip install redis==7.1.0\nWhen NOT to use: This fix should not be used if SSL is not required for your application.\n\n
Why This Fix Works in Production
- Trigger: Add SSL Environments for Testing
- Mechanism: The library lacked support for password-encrypted SSL private keys
- Why the fix works: Adds support for password-encrypted SSL private keys and includes tests for SSL connections, addressing issue #1767. (first fixed release: 7.1.0).
Why This Breaks in Prod
- The library lacked support for password-encrypted SSL private keys
- Production symptom (often without a traceback): Add SSL Environments for Testing
Proof / Evidence
- GitHub issue: #1767
- Fix PR: https://github.com/redis/redis-py/pull/1782
- First fixed release: 7.1.0
- Reproduced locally: No (not executed)
- Last verified: 2026-02-09
- Confidence: 0.85
- Did this fix it?: Yes (upstream fix exists)
- Own content ratio: 0.64
Discussion
High-signal excerpts from the issue thread (symptoms, repros, edge-cases).
“@chayim could you clarify the scope of this task? I see the following steps: 1”
“@m-novikov I think that's a great start”
“Yep :) I'll try to make a draft PR within couple of weeks, then.”
“@m-novikov I've started down this path because of bug #1757 - since I won't merge this otherwise! Do you mind if I finish it off?…”
Failure Signature (Search String)
- Add SSL Environments for Testing
- 3. Add tests following similar pattern to the https://github.com/redis/jedis/blob/master/src/test/java/redis/clients/jedis/tests/SSLJedisTest.java
Copy-friendly signature
Failure Signature
-----------------
Add SSL Environments for Testing
3. Add tests following similar pattern to the https://github.com/redis/jedis/blob/master/src/test/java/redis/clients/jedis/tests/SSLJedisTest.java
Error Message
Signature-only (no traceback captured)
Error Message
-------------
Add SSL Environments for Testing
3. Add tests following similar pattern to the https://github.com/redis/jedis/blob/master/src/test/java/redis/clients/jedis/tests/SSLJedisTest.java
What Broke
Integration tests for SSL connections were not validated, leading to potential security issues.
Why It Broke
The library lacked support for password-encrypted SSL private keys
Fix Options (Details)
Option A — Upgrade to fixed release Safe default (recommended)
pip install redis==7.1.0
Use when you can deploy the upstream fix. It is usually lower-risk than long-lived workarounds.
Fix reference: https://github.com/redis/redis-py/pull/1782
First fixed release: 7.1.0
Last verified: 2026-02-09. Validate in your environment.
When NOT to Use This Fix
- This fix should not be used if SSL is not required for your application.
Did This Fix Work in Your Case?
Quick signal helps us prioritize which fixes to verify and improve.
Prevention
- Add a TLS smoke test that performs a real handshake in CI (include CA bundle validation and hostname checks).
- Alert on handshake failures by error string and endpoint to catch cert/CA changes quickly.
Version Compatibility Table
| Version | Status |
|---|---|
| 7.1.0 | Fixed |
Related Issues
No related fixes found.
Sources
We don’t republish the full GitHub discussion text. Use the links above for context.