Redis Documentation > Redis Enterprise Software > Security > Certificates > Create certificates

Create certificates

Follow these instructions to create your own certificates to install on your Redis Enterprise cluster. Note that you can install a separate certificate per cluster component.

Create a private key:

openssl genrsa -out <key-file-name>.pem 2048

Create a certificate signing request:
```
openssl req -new -key <key-file-name>.pem -out <key-file-name>.csr
```
Note:
You will be prompted for a Country Name, State or Province Name, Locality Name, Organization Name, Organizational Unit, and Common Name.
- You will need to check with your security team or certificate authority for the right values for your organization.
- The database’s fully qualified domain name (FQDN) is typically used as the common name for the certificate.
Sign the private key using your certificate authority.

How to obtain a CA signed certificate is different for each organization and CA vendor. Consult your security team or certificate authority for the appropriate way to sign a certificate.
Upload the certificate to the cluster.

To upload the new certificate and replace the current certificate with the rladmin command-line utility, run the cluster certificate set command:
```
rladmin cluster certificate set <cert-name> \
    certificate_file <cert-file-name>.pem \
    key_file <key-file-name>.pem
```
Replace the following variables with your own values:
- <cert-name> - The name of the certificate to update. See the certificates table for the list of valid certificate names.
- <cert-file-name> - The certificate filename
- <key-file-name> - The key filename

Edit on GitHub

Updated: December 23, 2022

Download PDF

Top