Troubleshooting Tip: Redis WRONGPASS invalid username-password pair or user is disabled error

Description

This article describes a method to fix the Redis WRONGPASS invalid username-password pair or user is disabled error.

Scope

FortiSIEM.

Solution

Users may notice an error on Redis in: '/opt/phoenix/log/phoenix.log' during troubleshooting. In some cases, it will have some processes down:

[PH_UTIL_REDIS_CONNECTION_ERROR]:[eventSeverity]=PHL_ERROR,[procName]=phMonitorWorker,[fileName]=phCacheThruRedis.cpp,[lineNumber]=272,[errorString]=WRONGPASS invalid username-password pair or user is disabled.,[phLogDetail]=redis connection error

In that case, users can update the password with the command below:

Back up the important file:

# for f in /opt/node-rest-service/ecosystem.config.js /opt/phoenix/redis/bin/redis_ops.sh /opt/phoenix/redis/conf/6666.conf /opt/phoenix/config/phoenix_config.txt /opt/phoenix/config/svnlite.properties; do cp "$f" "${f}_orig"; done

Update the password for all the configurations related to Redis:

Supervisor:

# /opt/phoenix/deployment/jumpbox/ph_update_dr_configs.py $(phLicenseTool --showRedisPassword)

# service httpd restart

# systemctl restart postgresql-$(postgres -V | awk '{print $3}' | cut -d. -f1).service

# rm -f /opt/phoenix/redis/conf/6666.conf

# cd /opt/phoenix/redis/bin/

# ./redis_ops.sh stop

# ./redis_ops.sh start

# su admin

# pm2 restart all

# exit

# killall -9 java

Workers:

For workers, #killall -9 java is not required:

# /opt/phoenix/deployment/jumpbox/ph_update_dr_configs.py $(phLicenseTool --showRedisPassword)
# service httpd restart
# rm -f /opt/phoenix/redis/conf/6666.conf
# cd /opt/phoenix/redis/bin/
# ./redis_ops.sh stop
# ./redis_ops.sh start

Make sure that the /opt/phoenix/redis/conf/6666.conf file shows 'slaveof' and 'masterauth' line, compare with /opt/phoenix/redis/conf/6666.conf_orig, if not add it and ./redis_ops.sh sta.

# su admin
# pm2 restart all
# exit