This topic describes how to enhance link security by enabling Secure Sockets Layer (SSL) encryption and installing SSL CA certificates on your application services. The SSL encryption feature encrypts network connections at the transport layer to improve data security and ensure data integrity during communication.
- The major version of your ApsaraDB for Redis instance is Redis 2.8. The instance can be a standard instance or a cluster instance.
- The major version of your ApsaraDB for Redis instance is Redis 4.0 or Redis 5.0. The
instance must be a cluster instance.
Note Persistent memory-optimized instances do not support this feature.
- SSL encryption may increase the network latency of instances. We recommend that you enable this feature only when required. For example, you can enable SSL encryption if you connect to an ApsaraDB for Redis instance over the Internet.
- After you enable SSL encryption for an instance, both SSL and non-SSL connections are supported.
- Log on to the ApsaraDB for Redis console.
- In the top navigation bar of the page, select the region where the instance is deployed.
- On the Instances page, click the ID of the instance.
- Perform one of the following operations.
Operation Description Enable or disable SSL encryption Turn on or off SSL Certificate. Modify the earliest TLS version supported by the instance Click SSL next to Minimum TLS version, select a TLS version from the drop-down list, and then click Save. The default value is TLSv1. Update the CA certificate Click Update Validity in the upper-right corner of the page, and then click OK.Warning If you update the validity period of a CA certificate, the instance is restarted. During the restart process, the instance experiences transient connections for a few seconds. We recommend that you update the certificate during off-peak hours and make sure that your application supports automatic reconnection. Download the CA certificate In the upper-right corner of the page, click Download SSL Certificate.
What can I do if the error message "version not supported" appears?
You must update your instance to the latest minor version. For more information, see Upgrade the minor version.
|ModifyInstanceSSL||Configures SSL encryption for an ApsaraDB for Redis instance.|