From f77dcb30956960f5fddef0312693d53b7bacad45 Mon Sep 17 00:00:00 2001 From: x032205 Date: Fri, 19 Dec 2025 18:18:58 -0500 Subject: [PATCH] add docs for Redis with SSL --- docs/self-hosting/configuration/envars.mdx | 23 ++++++++++++++++++++-- 1 file changed, 21 insertions(+), 2 deletions(-) diff --git a/docs/self-hosting/configuration/envars.mdx b/docs/self-hosting/configuration/envars.mdx index 669c3aaa3c..7cd65f06fe 100644 --- a/docs/self-hosting/configuration/envars.mdx +++ b/docs/self-hosting/configuration/envars.mdx @@ -160,12 +160,18 @@ DB_READ_REPLICAS=[{"DB_CONNECTION_URI":""}] ### Redis -Redis is used for caching and background tasks. You can use either a standalone Redis instance or a Redis Sentinel setup. +Redis is used for caching and background tasks. You can use either a standalone Redis instance, Redis Sentinel, or Redis Cluster setup. - Redis connection string. + Redis connection string. For SSL/TLS connections, use the `rediss://` protocol (note the double 's'). + + Examples: + - Without SSL: `redis://localhost:6379` + - With SSL: `rediss://localhost:6379` + - With authentication: `redis://:password@localhost:6379` + - With SSL and authentication: `rediss://:password@localhost:6379` @@ -240,6 +246,19 @@ Redis is used for caching and background tasks. You can use either a standalone +### Redis with SSL/TLS + +To connect to Redis with SSL/TLS, use the `rediss://` protocol (note the double 's') in your connection string. + +If your Redis server uses a certificate signed by a private CA or a self-signed certificate, set the `NODE_EXTRA_CA_CERTS` environment variable to the path of your CA certificate file: + +```bash +REDIS_URL=rediss://your-redis-host:6379 +NODE_EXTRA_CA_CERTS=/path/to/ca.crt +``` + +For Redis Sentinel or Cluster mode, use the `REDIS_SENTINEL_ENABLE_TLS` or `REDIS_CLUSTER_ENABLE_TLS` environment variables respectively. + ## Email Service Without email configuration, Infisical's core functions like sign-up/login and secret operations work, but this disables multi-factor authentication, email invites for projects, alerts for suspicious logins, and all other email-dependent features.