Skip to main content

🔒 Redis Encrypted Connection (SSL/TLS)

🌐 Introduction

The Redis certified by Virtuozzo includes an integrated add-on that implements encryption in transit (SSL/TLS).
This ensures the protection of data during transfer between servers.

  • Port 6380 → secure connections (TLS)
  • Port 6379 → unencrypted connections (compatibility)

🛒 Step 1 - Accessing the Marketplace

Open the SaveInCloud Marketplace and select the encrypted connection add-on for Redis.

Marketplace

⚙️ Step 2 - Installation

Follow the installation wizard to enable SSL/TLS support.

Instalação

After installation, you will see the readiness notice:

Aviso de Prontidão

Port 6380 is automatically configured and added to the firewall rules.

Porta Segura

📂 Certificates

SSL certificates are automatically generated and stored in:

/var/lib/jelastic/keys/SSL-TLS
  • 📁 server → certificates used by the Redis server
  • 📁 client → client certificates for optional authentication

Certificados

⚙️ Redis Settings

The SSL settings are in the file:

/etc/redis.conf

Main directives:

  • tls-port → SSL connection port (default: 6380)
  • port → non-secure connection port (6379, can be disabled)
  • tls-cert-file, tls-key-file, tls-ca-cert-file → certificate paths
  • tls-auth-clients → defines if clients require certificate authentication
  • tls-replication, tls-cluster → enable TLS in replication/cluster

Config Redis

🔑 Secure Connection

Simple connection with redis-cli

export REDISCLI_AUTH={password}
redis-cli -p 6380 --tls --cacert /var/lib/jelastic/keys/SSL-TLS/client/root.crt

Conexão CLI

Connection with client certificate

redis-cli -p 6380 --tls   --cert /var/lib/jelastic/keys/SSL-TLS/client/client.crt   --key  /var/lib/jelastic/keys/SSL-TLS/client/client.key   --cacert /var/lib/jelastic/keys/SSL-TLS/client/root.crt

Conexão com Certificado

🔐 Advanced Modes

  • Force SSL only → set port 0 and tls-port 6379 in /etc/redis.conf
  • Cluster/Sentinel via SSL → enable tls-cluster and tls-replication in the configuration file
  • Multiregional Cluster → use the same root certificate on all nodes across environments

Done! Now your Redis accepts secure connections with SSL/TLS, protecting data in transit.

🧠 Support

If you have questions, encounter difficulties in configuration, or need help in specific situations, contact SaveinCloud technical support through the channels available in the platform dashboard.