Skip to main content
Version: 1.0.x

mTLS with Redis Configuration

For enhanced security, Lunar Pro supports connecting to Redis using mutual TLS (mTLS). Follow these steps to configure mTLS for your Redis connection:

  1. Obtain the necessary certificate files:

    • Ensure you have the CA certificate, client certificate, and client key files required for mTLS communication with Redis.

  2. Mount the certificate directory:

    • Mount the directory containing your Redis certificate files to the Lunar Pro container. For example, if your certificates are stored in /organization_certs/redis, mount the directory as follows:

      -v /organization_certs/redis:/etc/redis

    Note: Replace /organization_certs/redis with the actual path to your certificates.

  3. Set the environment variables:

    • Enable the use of the CA and client certificates by setting the REDIS_USE_CA_CERT and REDIS_USE_CLIENT_CERT environment variables to true:

      -e REDIS_USE_CA_CERT="true" -e REDIS_USE_CLIENT_CERT="true"

  4. Configure certificate paths (if necessary):

    • If your certificate files are stored in non-default paths, update the environment variables REDIS_CA_CERT_PATH, REDIS_CLIENT_CERT_PATH, and REDIS_CLIENT_KEY_PATH to reflect the correct file locations:

      -e REDIS_CA_CERT_PATH="/path_to_cert/ca.crt" -e REDIS_CLIENT_CERT_PATH="/path_to_cert/client.crt" -e REDIS_CLIENT_KEY_PATH="/path_to_cert/client.key"

By configuring Redis with mTLS, you ensure secure, encrypted communication between Lunar Pro instances and Redis, further safeguarding your API infrastructure.