mTLS with Redis Configuration

For enhanced security, Lunar Pro supports connecting to Redis using mutual TLS (mTLS). Follow these steps to configure mTLS for your Redis connection:

1. Obtain the necessary certificate files:

   • Ensure you have the CA certificate, client certificate, and client key files required for mTLS communication with Redis.

2. Mount the certificate directory:

   • Mount the directory containing your Redis certificate files to the Lunar Pro container. For example, if your certificates are stored in /organization_certs/redis, mount the directory as follows:

     -v /organization_certs/redis:/etc/redis

   Note: Replace /organization_certs/redis with the actual path to your certificates.

3. Set the environment variables:

   • Enable the use of the CA and client certificates by setting the REDIS_USE_CA_CERT and REDIS_USE_CLIENT_CERT environment variables to true:

     -e REDIS_USE_CA_CERT="true" -e REDIS_USE_CLIENT_CERT="true"

4. Configure certificate paths (if necessary):

   • If your certificate files are stored in non-default paths, update the environment variables REDIS_CA_CERT_PATH, REDIS_CLIENT_CERT_PATH, and REDIS_CLIENT_KEY_PATH to reflect the correct file locations:

     -e REDIS_CA_CERT_PATH="/path_to_cert/ca.crt" -e REDIS_CLIENT_CERT_PATH="/path_to_cert/client.crt" -e REDIS_CLIENT_KEY_PATH="/path_to_cert/client.key"

By configuring Redis with mTLS, you ensure secure, encrypted communication between Lunar Pro instances and Redis, further safeguarding your API infrastructure.