nchan_redis_ssl_client_certificate_key
The `nchan_redis_ssl_client_certificate_key` directive specifies the path to the SSL client certificate key for Redis connections in Nchan.
Description
The nchan_redis_ssl_client_certificate_key directive is used within the Nchan module to configure SSL client certificate authentication when Nchan connects to a Redis server over SSL. This directive allows the user to specify the file path where the private key of the SSL client certificate is stored. By providing the correct path, Nchan can successfully present the SSL client certificate to the Redis server during the initial SSL handshake, ensuring secure communication.
This directive is vital for scenarios where Redis is configured to require SSL authentication, thereby strengthening security by ensuring that only authorized clients can access the Redis instance. Users must ensure the path points to a valid private key file; failure to do so will result in Nchan being unable to authenticate with the Redis server, thus potentially causing communication failures.
Overall, it is a critical configuration for any Nchan installation that leverages Redis with SSL client authentication. Using this directive correctly helps establish secure connections, protecting message transport between Nchan and Redis from eavesdropping and tampering.
Config Example
upstream redis_backend {
server 127.0.0.1:6379;
nchan_redis_ssl_client_certificate_key /path/to/client-cert-key.key;
}Ensure the path provided is correct and accessible to the NGINX process.
The private key file must have the correct permissions to be read by the NGINX worker processes.
Omitting this directive when using Redis with SSL will lead to connection failures.