TLS Support for Redis
You can enable the security protocol by using any of the following methods:
Connecting to Redis through user credentials
To secure Redis through user credentials, you must set the adminRedisUsername, adminRedisDatabase, adminRedisClientname, and adminRedisPassword properties in the $OPE_HOME/roles/standalone/configurator/config/application.properties
and $OPE_HOME/roles/authorization-service/standalone/config/application.properties
files.
Update catalogRedisUsername
, catalogRedisPassword
, catalogRedisDatabase
, and catalogRedisClientName
properties in the $OPE_HOME/seed-data/appproperties/ConfigValues_OPES.json
, $OPE_HOME/seed-data/appproperties/ConfigValues_OfferSearchIndexService.json
, and $OPE_HOME/seeddata/app-properties/ConfigValues_CatalogService.json
files.
Also, update shoppingCartRedisUsername
, shoppingCartRedisPassword
, shoppingCartRedisDatabase
, and shoppingCartRedisClientName
properties in the $OPE_HOME/seed-data/app-properties/ConfigValues_ShoppingCart.json
file.
Using OpenSSL or TLS
Redis 6.x or later versions support OpenSSL or TLS. For using OpenSSL or TLS, security certificates are required to be generated.
To secure Redis by using OpenSSL or TLS, you must set the following properties in the $OPE_HOME/roles/standalone/configurator/config/application.properties
and $OPE_HOME/roles/authorization-service/standalone/config/application.properties
files and files from $OPE_HOME/seed-data/app-properties
:
Property Name |
Value |
---|---|
redisSslEnabled | true |
redisKeyStoreType | pkcs12 |
redisKeyStoreAbsoluteFilePath | Key store absolute file path |
redisKeyStorePassword | Password |
redisTrustStoreType | jks |
redisTrustStoreAbsoluteFilePath | Trust store absolute file path |
redisTrustStorePassword | Password |