Redis Connector | How to connect to Amazon ElastiCache for Redis using TLS

Publish Date: Mar 2, 2024
Task

GOAL

Connect to Amazon ElastiCache for Redis using TLS

Steps

In order to connect to Amazon ElastiCache for Redis using TLS, you need to obtain the certificates for ElastiCache for Redis and import them into a Java keystore following the steps below:

1. Retrieve the ElastiCache for Redis SSL/TLS certificate:

You can obtain the certificate by connecting to your ElastiCache Redis cluster using the `openssl` command-line tool. Run the following command, replacing `<cluster-endpoint>` with the endpoint of your Redis cluster:

openssl s_client -connect <cluster-endpoint>:6379 -showcerts

This command will output the SSL certificate information. Look for the `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----` lines, and copy the certificate content between these lines.

2. Save the certificate to a file:

Create a new text file (e.g., `redis.crt`) and paste the certificate content you copied in the previous step into the file. Save it.

3. Import the certificate into a Java keystore:

Use the Java `keytool` command-line tool to import the certificate into a Java keystore file. Run the following command to import the certificate into a new keystore file (replace `<keystore-file>` with the desired name for your keystore file):

keytool -importcert -file redis.crt -alias redis -keystore <keystore-file>

You will be prompted to set a password for the keystore. Choose a secure password and confirm it.

4. Verify the certificate import:

You can verify that the certificate has been imported into the keystore by running the following command:

keytool -list -keystore <keystore-file>

Enter the keystore password when prompted, and it will display the certificate information if the import was successful.

 

Once you have completed these steps, the ElastiCache for Redis SSL/TLS certificate is imported into a Java keystore file, which you can use as the truststore file in the Redis Connector configuration to connect to your ElastiCache Redis cluster.
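
Steps 1 and 2 can be scripted so that every certificate in the `-showcerts` output lands in its own file and can be inspected before step 3 turns it into a trust anchor. The shell functions below are an added example, not part of the original article or of any MuleSoft tooling; the function names, the `cert-N.pem` file names and the sample output (placeholder bodies, not real certificates) are constructed for illustration.

```shell
#!/bin/sh
# Added example: split `openssl s_client -showcerts` output into one PEM file per certificate.

# sample_output: constructed stand-in for s_client output (bodies are placeholders).
sample_output() {
  cat <<'EOF'
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = redis.example.invalid
   i:CN = Constructed Issuing CA
-----BEGIN CERTIFICATE-----
PLACEHOLDERLEAFBODY
-----END CERTIFICATE-----
 1 s:CN = Constructed Issuing CA
   i:CN = Constructed Root CA
-----BEGIN CERTIFICATE-----
PLACEHOLDERISSUERBODY
-----END CERTIFICATE-----
---
Server certificate
EOF
}

# split_chain OUTDIR: read s_client output on stdin, write OUTDIR/cert-N.pem
# (cert-0.pem is the certificate the server presented for itself, delimiter
# lines included), and print how many certificates were written.
split_chain() {
  mkdir -p "$1"
  awk -v dir="$1" '
    /-----BEGIN CERTIFICATE-----/ { file = sprintf("%s/cert-%d.pem", dir, n); inpem = 1 }
    inpem { print > file }
    /-----END CERTIFICATE-----/ { if (inpem) { close(file); n++ }; inpem = 0 }
    END { print n + 0 }
  '
}

# review_chain OUTDIR: show who each extracted certificate claims to be.
review_chain() {
  for pem in "$1"/cert-*.pem; do
    echo "== $pem"
    openssl x509 -in "$pem" -noout -subject -issuer -enddate -fingerprint -sha256
  done
}

# Live use (needs network access to the cluster; </dev/null ends the session):
#   openssl s_client -connect <cluster-endpoint>:6379 -showcerts </dev/null | split_chain certs
#   review_chain certs
# Offline demo on the constructed sample; prints the number of certificates found.
sample_output | split_chain "$(mktemp -d)"
```

By default `s_client` prints the chain even when it cannot verify it, so compare the subject, issuer and SHA-256 fingerprint from `review_chain` against a source you trust before running `keytool -importcert`.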

ADDITIONAL INFORMATION

ElastiCache for Redis runs on EC2 inside a VPC and is not accessible from the internet. To reach it you need a transit gateway, a VPN tunnel to that VPC, or Direct Connect.

Once you have connectivity to the VPC in which ElastiCache is running, you can use the Redis Connector to reach your Redis cluster.

For more information, refer to AWS documentation:

▸ FAQ: https://aws.amazon.com/elasticache/faqs/#Can_I_access_Amazon_ElastiCache_from_outside_AWS

Q: Can programs running on servers in my own data center access Amazon ElastiCache?

Yes. You can access an Amazon ElastiCache cluster from an application running in your data center providing there is connectivity between your VPC and the data center either through VPN or Direct Connect. The details are described here (https://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/elasticache-vpc-accessing.html#elasticache-vpc-accessing-data-cente).

Disclaimer: This article involves products and technologies which do not form part of the MuleSoft product set. Technical assistance for such products is limited to this article.
Knowledge Article Number

001116081

 