Follow these instructions to create your own certificates to install on your Redis Enterprise cluster. Note that you can install a separate certificate per cluster component.
Create a private key:
openssl genrsa -out <key-file-name>.pem 2048
Create a certificate signing request:
openssl req -new -key <key-file-name>.pem -out <key-file-name>.csrNote:
You will be prompted for a Country Name, State or Province Name, Locality Name, Organization Name, Organizational Unit, and Common Name.
You will need to check with your security team or certificate authority for the right values for your organization.
The database’s fully qualified domain name (FQDN) is typically used as the common name for the certificate.
Sign the private key using your certificate authority.
How to obtain a CA signed certificate is different for each organization and CA vendor. Consult your security team or certificate authority for the appropriate way to sign a certificate.
Upload the certificate to the cluster.
rladmin cluster certificate set <cert-name> \ certificate_file <cert-file-name>.pem \ key_file <key-file-name>.pem
Replace the following variables with your own values:
<cert-name>- The name of the certificate to update. See the certificates table for the list of valid certificate names.
<cert-file-name>- The certificate filename
<key-file-name>- The key filename