Reputation: 2000
I'm trying to set up TLS with a self-hosted redis server.
I've installed certbot on my server and ran the following command:
sudo certbot certonly --standalone
This generated the following files:
chain.pem
fullchain.pem
privkey.pem
cert.pem
I followed the information posted here and I edited the following settings in my redis.conf-file:
port 0
tls-port 6379
tls-cert-file /etc/letsencrypt/live/mydomain.com/fullchain.pem
tls-key-file /etc/letsencrypt/live/mydomain.com/privkey.pem
tls-ca-cert-file /etc/letsencrypt/live/mydomain.com/cert.pem
This doesn't work: the redis.service won't restart and gives an error.
I probably have the wrong files in my config. Can someone help me out with which certificate files I need to use?
Edit: when running /usr/bin/redis /etc/redis/redis.conf directly, everything works. Seems there is some problem with the redis.service.
Upvotes: 0
Views: 290
Reputation: 103
Had a similar problem recently. On the Bitnami Docker image for Redis (now Valkey), they minify the distro and it lacks the typical CA files you would find. Here is what worked for us.
cert file = fullchain.pem
key file = privkey.key
ca file = download the following: https://letsencrypt.org/certs/isrgrootx1.pem
Upvotes: 0
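A way to check a certificate / key / CA file combination before pointing redis.conf at it, given as an added example that is not part of the question or the answer above. It assumes the openssl command-line tool is installed; check_redis_tls is a hypothetical function name, and the "redis" account mentioned in the comments is an assumption about how the service runs.

```shell
#!/bin/sh
# Added example, not from the thread. check_redis_tls is a hypothetical name.
# Pre-flight check for the PEM files named in tls-cert-file, tls-key-file and
# tls-ca-cert-file. Usage: check_redis_tls CERT KEY CA  (0 = all checks pass)
check_redis_tls() (
    cert=$1; key=$2; ca=$3; rc=0

    # 1. Each file must be readable by whoever runs this check. Run it as the
    #    service account to see what the unit sees (assumed here to be "redis",
    #    e.g. through sudo -u redis).
    for f in "$cert" "$key" "$ca"; do
        [ -r "$f" ] || { echo "FAIL: cannot read $f" >&2; rc=1; }
    done
    [ "$rc" -eq 0 ] || exit 1

    # 2. The private key must match the first (leaf) certificate in CERT.
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    if [ -z "$cert_pub" ] || [ "$cert_pub" != "$key_pub" ]; then
        echo "FAIL: $key does not match the leaf certificate in $cert" >&2
        rc=1
    fi

    # 3. The leaf must chain to a root contained in CA. Further certificates
    #    in CERT (the intermediates in fullchain.pem) are passed as untrusted
    #    helpers. The system trust store is switched off so that only CA
    #    decides; -no-CAstore is added only where this openssl build has it.
    iso="-no-CApath"
    if openssl verify -help 2>&1 | grep -q -- '-no-CAstore'; then
        iso="$iso -no-CAstore"
    fi
    if ! openssl verify $iso -CAfile "$ca" -untrusted "$cert" "$cert" \
            >/dev/null 2>&1; then
        echo "FAIL: $cert does not verify against $ca" >&2
        rc=1
    fi

    exit "$rc"
)
```

For the setup discussed here, CERT would be the fullchain.pem path, KEY the private key file, and CA the downloaded isrgrootx1.pem.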