TLS Support for Redis

You can enable the security protocol by using any of the following methods:

Connecting to Redis through user credentials

To secure Redis through user credentials, you must set the adminRedisUsername, adminRedisDatabase, adminRedisClientname, and adminRedisPassword properties in the $OPE_HOME/roles/standalone/configurator/config/application.properties and $OPE_HOME/roles/authorization-service/standalone/config/application.properties files.

Update catalogRedisUsername, catalogRedisPassword, catalogRedisDatabase, and catalogRedisClientName properties in the $OPE_HOME/seed-data/appproperties/ConfigValues_OPES.json, $OPE_HOME/seed-data/appproperties/ConfigValues_OfferSearchIndexService.json, and $OPE_HOME/seeddata/app-properties/ConfigValues_CatalogService.json files.

Also, update shoppingCartRedisUsername, shoppingCartRedisPassword, shoppingCartRedisDatabase, and shoppingCartRedisClientName properties in the $OPE_HOME/seed-data/app-properties/ConfigValues_ShoppingCart.json file.

Using OpenSSL or TLS

Redis 6.x or later versions support OpenSSL or TLS. For using OpenSSL or TLS, security certificates are required to be generated.

To secure Redis by using OpenSSL or TLS, you must set the following properties in the $OPE_HOME/roles/standalone/configurator/config/application.properties and $OPE_HOME/roles/authorization-service/standalone/config/application.properties files and files from $OPE_HOME/seed-data/app-properties:

Property Name

Value

redisSslEnabled true
redisKeyStoreType pkcs12
redisKeyStoreAbsoluteFilePath Key store absolute file path
redisKeyStorePassword Password
redisTrustStoreType jks
redisTrustStoreAbsoluteFilePath Trust store absolute file path
redisTrustStorePassword Password
Note: For redisKeyStoreType and redisTrustStoreType, only pkcs12 and jks are supported respectively. As of now, no other values are supported.