diff options
author | Yossi Gottlieb <yossigo@gmail.com> | 2020-02-05 18:30:12 +0200 |
---|---|---|
committer | Yossi Gottlieb <yossigo@gmail.com> | 2020-02-05 18:30:12 +0200 |
commit | 1e02d599dc2a0643fcf82af42047adf07c78fe41 (patch) | |
tree | 0c4dc04e6f7c50987dcfd9238b5babd8dc45fcb9 | |
parent | 44ac202fbfbca4210d016c9f77df987b27c1ae4c (diff) | |
download | redis-1e02d599dc2a0643fcf82af42047adf07c78fe41.tar.gz |
TLS: Some redis.conf clarifications.
-rw-r--r-- | redis.conf | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/redis.conf b/redis.conf index 07005cffe..3c7336747 100644 --- a/redis.conf +++ b/redis.conf @@ -155,23 +155,22 @@ tcp-keepalive 300 # tls-ca-cert-file ca.crt # tls-ca-cert-dir /etc/ssl/certs -# If TLS/SSL clients are required to authenticate using a client side -# certificate, use this directive. +# By default, clients (including replica servers) on a TLS port are required +# to authenticate using valid client side certificates. # -# Note: this applies to all incoming clients, including replicas. +# It is possible to disable authentication using this directive. # -# tls-auth-clients yes +# tls-auth-clients no -# If TLS/SSL should be used when connecting as a replica to a master, enable -# this configuration directive: +# By default, a Redis replica does not attempt to establish a TLS connection +# with its master. +# +# Use the following directive to enable TLS on replication links. # # tls-replication yes -# If TLS/SSL should be used for the Redis Cluster bus, enable this configuration -# directive. -# -# NOTE: If TLS/SSL is enabled for Cluster Bus, mutual authentication is always -# enforced. +# By default, the Redis Cluster bus uses a plain TCP connection. To enable +# TLS for the bus protocol, use the following directive: # # tls-cluster yes |