Re: How to connect to tls://redis?

milanasotne23c · ‎07-02-2025

Hello. I have a redis server that requires .crt, .key and ca files for authentication. I tried to look into Magento code but can't figure out whether it is possible to define those keys in etc.php. If not, could you tell me how to connect my Magento to that tls Redis instance?

Ankit Jasani · ‎07-03-2025

Hello @milanasotne23c ,

You can try like below in app/etc/env.php

<?php
return [
    // … other entries …

    // —— SESSION STORAGE ——
    'session' => [
        'save' => 'redis',
        'redis' => [
            // use "tls://" on the host line so phpredis wraps the socket in TLS
            'host'                       => 'tls://redis.mycompany.com',
            'port'                       => '6379',
            'password'                   => '<your_redis_password>',
            'timeout'                    => '2.5',
            'persistent_identifier'      => '',
            'database'                   => '0',
            // optional locking/etc
            'disable_locking'            => 0,

            // SSL/TLS context
            'ssl' => [
                // path to your CA bundle (or individual .crt)
                'cafile'            => '/etc/ssl/certs/redis-ca.crt',
                // your client certificate
                'local_cert'        => '/etc/ssl/certs/redis-client.crt',
                // your client private key
                'local_pk'          => '/etc/ssl/private/redis-client.key',
                // whether to verify server cert
                'verify_peer'       => true,
                'verify_peer_name'  => true,
            ],
        ],
    ],

    // —— FULL‑PAGE CACHE (or other “cache” pools) ——
    'cache' => [
        'frontend' => [
            'default' => [
                'backend'         => 'Magento\\Framework\\Cache\\Backend\\Redis',
                'backend_options' => [
                    'server'      => 'tls://redis.mycompany.com',
                    'port'        => '6379',
                    'password'    => '<your_redis_password>',
                    'database'    => '1',
                    // same TLS block here:
                    'ssl'         => [
                        'cafile'            => '/etc/ssl/certs/redis-ca.crt',
                        'local_cert'        => '/etc/ssl/certs/redis-client.crt',
                        'local_pk'          => '/etc/ssl/private/redis-client.key',
                        'verify_peer'       => true,
                        'verify_peer_name'  => true,
                    ],
                ],
            ],
            'page_cache' => [
                'backend'         => 'Magento\\Framework\\Cache\\Backend\\Redis',
                'backend_options' => [
                    'server'      => 'tls://redis.mycompany.com',
                    'port'        => '6379',
                    'password'    => '<your_redis_password>',
                    'database'    => '2',
                    'ssl'         => [
                        'cafile'            => '/etc/ssl/certs/redis-ca.crt',
                        'local_cert'        => '/etc/ssl/certs/redis-client.crt',
                        'local_pk'          => '/etc/ssl/private/redis-client.key',
                        'verify_peer'       => true,
                        'verify_peer_name'  => true,
                    ],
                ],
            ],
        ],
    ],
];

Problem Solved? Accept as Solution!

Thanks,

Ankit

Ankit Jasani

wsumner675ecca · ‎07-18-2025

Having trouble connecting to TLS Redis with Magento? I had that too! I ended up configuring the Redis client directly in a custom module using predis/predis, bypassing Magento's default configuration. Is that ideal? Probably not, but it worked! By the way, remember the Pacman 30th Anniversary ?