Transport Layer Security (TLS) provides a secure communication protocol between applications. TLS ensures that data transmitted remains private and unaltered. In Redis Enterprise, TLS can be configured to enhance data security.
To enable TLS at the cluster level, follow these steps:
<openssl_cipher_list> with the OpenSSL cipher list string.
To enable TLS for a specific database:
In the above command, replace
<db:id | name> with the ID or name of your database.
With this configuration, the client will communicate with the database over a TLS connection.
Note: After enabling TLS for a database, only clients configured with valid certificates will be able to connect.
Once TLS is enabled on the server side (cluster/database), clients must also be configured appropriately to use TLS. This generally involves configuring client software with a trusted certificate (CA certificate), and optionally, a client certificate and key if mutually authenticated TLS is configured on the server.
Here's an example using
/path/to/client.key with the paths to your actual certificate files.
Remember, proper management and safeguarding of your keys and certificates is crucial to maintaining the security of your system.
For more details on how to configure Redis Enterprise with TLS, refer to the official Redis Labs documentation.