Dragonfly Cloud announces new enterprise security features - learn more

Question: How can you configure the Transport Layer Security (TLS) in Redis Enterprise?

Answer

Transport Layer Security (TLS) provides a secure communication protocol between applications. TLS ensures that data transmitted remains private and unaltered. In Redis Enterprise, TLS can be configured to enhance data security.

Step 1: Enable TLS for the Cluster

To enable TLS at the cluster level, follow these steps:

rladmin cluster config cipher_suites '<openssl_cipher_list>'

Replace <openssl_cipher_list> with the OpenSSL cipher list string.

Step 2: Enable TLS for a Database

To enable TLS for a specific database:

rladmin tune db <db:id | name> tls encyption enabled

In the above command, replace <db:id | name> with the ID or name of your database.

With this configuration, the client will communicate with the database over a TLS connection.

Note: After enabling TLS for a database, only clients configured with valid certificates will be able to connect.

Step 3: Client Configuration

Once TLS is enabled on the server side (cluster/database), clients must also be configured appropriately to use TLS. This generally involves configuring client software with a trusted certificate (CA certificate), and optionally, a client certificate and key if mutually authenticated TLS is configured on the server.

Here's an example using redis-cli:

redis-cli --tls \ --cacert /path/to/ca.crt \ --cert /path/to/client.crt \ --key /path/to/client.key

Replace /path/to/ca.crt, /path/to/client.crt, /path/to/client.key with the paths to your actual certificate files.

Remember, proper management and safeguarding of your keys and certificates is crucial to maintaining the security of your system.

For more details on how to configure Redis Enterprise with TLS, refer to the official Redis Labs documentation.

Was this content helpful?

White Paper

Free System Design on AWS E-Book

Download this early release of O'Reilly's latest cloud infrastructure e-book: System Design on AWS.

Free System Design on AWS E-Book

Switch & save up to 80% 

Dragonfly is fully compatible with the Redis ecosystem and requires no code changes to implement. Instantly experience up to a 25X boost in performance and 80% reduction in cost