Setting SSL Encryption
The master-replica version of Redis supports SSL-encrypted communication. After enabling the SSL feature, you can install the SSL CA certificate in your application service. The SSL encryption feature encrypts the network connection at the transport layer, enhancing data security while ensuring data integrity.
Precautions
- The currently supported instance versions for SSL functionality are 6.0 (minor version greater than 20.55) and 7.0 (minor version greater than 15.14).
- Currently, only the master-replica version of Redis supports the SSL feature.
- The default validity period of the certificate is 3 years. Renewing the certificate also defaults to 3 years.
- The TLS protocols currently supported by the Redis server are: TLSv1.1, TLSv1.2, TLSv1.3.
Enabling SSL Feature
Click the details button of the master-replica instance and select the “Data Security” tab. Click to enable immediately, as shown below. After you click confirm, the instance status changes to “Updating TLS”; wait a few minutes for the instance to return to “Running Status”.
Updating Certificate Validity
After SSL is enabled, if you want to update the certificate validity, click the button as shown below, then click the confirm button to update the certificate. Updating the certificate and enabling the SSL feature both require restarting the Redis instance, which takes a few minutes. After a successful update, the instance status returns to running status.
Changing Protocol
If you want to switch protocols, you can click the button on the right side of the protocol version. Currently supported: TLSv1.1, TLSv1.2, TLSv1.3. As shown below:
Downloading Certificates
The Redis SSL feature provides certificates in three formats: ca.crt, ca.jks, ca.p7b. You can use the appropriate format file according to your situation. The download button is shown below:
Disabling SSL Feature
The option to disable the SSL feature is in the “Data Security” tab. Disabling the SSL feature requires a restart, which takes a few minutes. During this period, the instance status is “Updating TLS”; after the modification is complete, the instance status becomes “Running”.
SSL Connection Method Reference:
- Connect to Redis via redis-cli
redis-cli --tls --cacert ca.crt -h IP -a password
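Added example, not part of the original documentation: the same connection as the redis-cli command above, made with Python's standard library. It trusts only the downloaded ca.crt and refuses anything below TLSv1.2, even though the server also offers TLSv1.1. Port 6379, the function names and the `server_name` parameter are assumptions.

```python
import socket
import ssl


def build_tls_context(ca_file=None, min_version=ssl.TLSVersion.TLSv1_2):
    """Client context that verifies the server and refuses old TLS versions."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check
    ctx.minimum_version = min_version  # server also offers TLSv1.1; never negotiate it
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # the downloaded ca.crt
    return ctx


def resp_command(*args):
    """Encode a command as a RESP array of bulk strings."""
    out = [b"*%d\r\n" % len(args)]
    for arg in args:
        data = arg if isinstance(arg, bytes) else str(arg).encode()
        out.append(b"$%d\r\n%s\r\n" % (len(data), data))
    return b"".join(out)


def read_line(sock):
    """Read one CRLF-terminated RESP line (enough for +OK, +PONG, -ERR)."""
    buf = b""
    while not buf.endswith(b"\r\n"):
        chunk = sock.recv(1)
        if not chunk:
            raise ConnectionError("connection closed before a full reply arrived")
        buf += chunk
    return buf[:-2]


def tls_ping(host, password, ca_file, port=6379, server_name=None, timeout=5.0):
    """AUTH and PING over verified TLS; returns (TLS version, PING reply)."""
    ctx = build_tls_context(ca_file)
    with socket.create_connection((host, port), timeout=timeout) as raw:
        # server_name is what the certificate is checked against (default: host).
        with ctx.wrap_socket(raw, server_hostname=server_name or host) as tls:
            tls.sendall(resp_command("AUTH", password))
            reply = read_line(tls)
            if reply.startswith(b"-"):
                raise PermissionError(reply.decode(errors="replace"))
            tls.sendall(resp_command("PING"))
            return tls.version(), read_line(tls).decode()
```

Calling `tls_ping("IP", "password", "ca.crt")` returns the negotiated protocol and `+PONG`; a handshake failure here means the certificate did not verify against ca.crt or the address used, or the instance is set to a protocol below TLSv1.2.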