Directive Reference

nchan_redis_tls_trusted_certificate_path

Specifies the path to the trusted TLS certificate for establishing secure connections to Redis.

Scalable, flexible pub/sub server for the modern web · upstream
Syntaxnchan_redis_tls_trusted_certificate_path path;
Defaultnone
Contextupstream
Arguments1

Description

The nchan_redis_tls_trusted_certificate_path directive is utilized in the context of Nchan's Redis backend configuration to define the location of a trusted TLS certificate file. This file is essential for ensuring that secure connections between the Nchan module and the Redis server are validated against a trusted Certificate Authority (CA). Configuring this directive is particularly significant when data is transmitted over TLS, as it helps prevent Man-in-the-Middle (MitM) attacks by ensuring that the server being connected to is indeed the legitimate Redis server.

Config Example

upstream redis_backend {
    server 127.0.0.1:6379;
    nchan_redis_tls_trusted_certificate_path /etc/ssl/certs/ca-certificates.crt;
}

Ensure the provided path is readable by the NGINX process user.

Certificates must be in the correct format and properly configured for TLS connections.

For optimal security, always ensure the certificate is signed by a recognized Certificate Authority.

Related Directives

nchan_redis_tls_certificate_pathnchan_redis_tls_key_pathnchan_redis_use_tls
← Back to all directives