From a9faa8a9c879fc598232faa18648f206d2497edd Mon Sep 17 00:00:00 2001
From: gaeunee2 <kaeune3@gmail.com>
Date: Tue, 19 May 2026 09:46:27 +0900
Subject: [PATCH 1/2] =?UTF-8?q?fix:=20Upstash=20Redis=20TLS=20=EC=97=B0?=
 =?UTF-8?q?=EA=B2=B0=20=EB=AC=B8=EC=A0=9C=20=ED=95=B4=EA=B2=B0?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../com/proovy/global/config/RedisConfig.java | 45 ++++++++++++++++++-
 src/main/resources/application.yaml           |  2 -
 2 files changed, 44 insertions(+), 3 deletions(-)

diff --git a/src/main/java/com/proovy/global/config/RedisConfig.java b/src/main/java/com/proovy/global/config/RedisConfig.java
index d03d183..bc4b728 100644
--- a/src/main/java/com/proovy/global/config/RedisConfig.java
+++ b/src/main/java/com/proovy/global/config/RedisConfig.java
@@ -1,10 +1,15 @@
 package com.proovy.global.config;
 
+import io.lettuce.core.ClientOptions;
+import io.lettuce.core.SocketOptions;
+import io.lettuce.core.SslOptions;
+import io.lettuce.core.protocol.ProtocolVersion;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.data.redis.connection.RedisConnectionFactory;
 import org.springframework.data.redis.connection.RedisStandaloneConfiguration;
+import org.springframework.data.redis.connection.lettuce.LettuceClientConfiguration;
 import org.springframework.data.redis.connection.lettuce.LettuceConnectionFactory;
 import org.springframework.data.redis.core.RedisTemplate;
 import org.springframework.data.redis.core.StringRedisTemplate;
@@ -12,6 +17,8 @@
 import org.springframework.data.redis.serializer.GenericJackson2JsonRedisSerializer;
 import org.springframework.data.redis.serializer.StringRedisSerializer;
 
+import java.time.Duration;
+
 @Configuration
 @EnableRedisRepositories
 public class RedisConfig {
@@ -22,13 +29,49 @@ public class RedisConfig {
     @Value("${spring.data.redis.port}")
     private int port;
 
+    @Value("${spring.data.redis.password:}")
+    private String password;
+
+    @Value("${spring.data.redis.ssl.enabled:false}")
+    private boolean sslEnabled;
+
     @Bean
     public RedisConnectionFactory redisConnectionFactory() {
         RedisStandaloneConfiguration config = new RedisStandaloneConfiguration();
         config.setHostName(host);
         config.setPort(port);
+        
+        // 비밀번호 설정 (비어있지 않은 경우)
+        if (password != null && !password.trim().isEmpty()) {
+            config.setPassword(password);
+        }
+
+        LettuceClientConfiguration.LettuceClientConfigurationBuilder clientConfigBuilder = 
+                LettuceClientConfiguration.builder()
+                        .commandTimeout(Duration.ofMillis(5000));
+
+        // SSL 설정 (prod 환경에서 Upstash 호환)
+        if (sslEnabled) {
+            ClientOptions clientOptions = ClientOptions.builder()
+                    .protocolVersion(ProtocolVersion.RESP2)  // Upstash Redis 호환을 위해 RESP2 명시
+                    .sslOptions(SslOptions.builder()
+                            .jdkSslProvider()  // JDK SSL 프로바이더 사용
+                            .build())
+                    .socketOptions(SocketOptions.builder()
+                            .connectTimeout(Duration.ofSeconds(10))
+                            .keepAlive(true)  // Keep-alive 활성화
+                            .build())
+                    .autoReconnect(true)  // 자동 재연결 활성화
+                    .build();
+            
+            clientConfigBuilder
+                    .clientOptions(clientOptions)
+                    .useSsl()
+                    .and()
+                    .shutdownTimeout(Duration.ofMillis(100));
+        }
 
-        LettuceConnectionFactory factory = new LettuceConnectionFactory(config);
+        LettuceConnectionFactory factory = new LettuceConnectionFactory(config, clientConfigBuilder.build());
         factory.setValidateConnection(true);
         return factory;
     }
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 0a642ad..e5dba73 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -178,8 +178,6 @@ spring:
     redis:
       ssl:
         enabled: true
-        bundle:
-          implicit: true
 
 proovy:
   api:

From 8b5231ce716fe4885e42725250d64412d09b1ad5 Mon Sep 17 00:00:00 2001
From: gaeunee2 <kaeune3@gmail.com>
Date: Tue, 19 May 2026 10:00:25 +0900
Subject: [PATCH 2/2] Fail fast when Redis TLS password is missing

---
 src/main/java/com/proovy/global/config/RedisConfig.java | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/proovy/global/config/RedisConfig.java b/src/main/java/com/proovy/global/config/RedisConfig.java
index bc4b728..7625f75 100644
--- a/src/main/java/com/proovy/global/config/RedisConfig.java
+++ b/src/main/java/com/proovy/global/config/RedisConfig.java
@@ -42,7 +42,11 @@ public RedisConnectionFactory redisConnectionFactory() {
         config.setPort(port);
         
         // 비밀번호 설정 (비어있지 않은 경우)
-        if (password != null && !password.trim().isEmpty()) {
+        if (sslEnabled && (password == null || password.isBlank())) {
+            throw new IllegalStateException("spring.data.redis.password must be set when SSL is enabled");
+        }
+
+        if (password != null && !password.isBlank()) {
             config.setPassword(password);
         }