February 21, 2018 By DJ Walker-Morgan 2 min read

IBM Cloud Compose for Redis available with TLS encryption

New Compose for Redis instances on IBM Cloud now have TLS encryption enabled allowing greater security for your blazing fast in-memory data structures and caches.

Using TLS encryption means your connections, commands, and data are made safer from interception on the internet. TLS is the standard that took over from SSL for securing web connections and it is also referred to as TLS/SSL or SSL/TLS. We’ve made TLS encryption support the default for new Redis services. You can, though, still configure Redis without TLS by selecting an alternative plan when creating your Redis instance.

Redis and TLS/SSL

Not every Redis library or tool can do TLS encryption because, out of the box, Redis the database doesn’t do TLS. With TLS/SSL, we are wrapping each Redis connection in its own TLS tunnels. The Redis portal unwraps when it is safely within the IBM Cloud Compose Redis instance.

TLS encryption for Redis is represented in connection URLs by the de-facto standard scheme `rediss:`. That’s an extra s over the single-s redis: scheme. Many Redis drivers acknowledge the rediss: scheme and automatically use the secure TLS encryption.

There are, though, some tools that do not understand it. Most importantly, redis-cli, the Redis command line interface does not know how to do TLS encrypted connections. That’s not a problem though as a free software utility called stunnel (find it at https://www.stunnel.org/) can perform that TLS wrapping for non-TLS aware programs and drivers like redis-cli. We cover how to configure it for IBM Cloud Compose for Redis instances in the documentation.

With this economical and efficient way to configure secure connections now available, we’ve made it the default for new deployments of IBM Cloud Compose for Redis. It is easier to deploy than the previous SSH tunnel option (which needed certificates exchanged in advance) and more flexible. Existing users who want the TLS encryption option for their Redis should provision a new instance and migrate to it.

More from

Making HTTPS redirects easy with IBM NS1 Connect

3 min read - HTTPS is now the standard for application and website traffic on the internet. Over 85% of websites now use HTTPS by default—it’s to the point where a standard HTTP request now seems suspicious.  This is great for the security of the internet, but it’s a huge pain for the website and application teams that are managing HTTPS records. It was easy to move HTTP records around with a simple URL redirect. HTTPS redirects, on the other hand, require changing the URL…

Announcing Dizzion Desktop as a Service for IBM Virtual Private Cloud (VPC)

2 min read - For more than four years, Dizzion and IBM Cloud® have strategically partnered to deliver incredible digital workspace experiences to our clients. We are excited to announce that Dizzion has expanded their Desktop as a Service (DaaS) offering to now support IBM Cloud Virtual Private Cloud (VPC). Powered by Frame, Dizzion’s cloud-native DaaS platform, clients can now deploy their Windows and Linux® virtual desktops and applications on IBM Cloud VPC and enjoy fast, dynamic, infrastructure provisioning and a true consumption-based model.…

Best practices for augmenting human intelligence with AI

2 min read - Artificial intelligence (AI) should be designed to include and balance human oversight, agency and accountability over decisions across the AI lifecycle. IBM’s first Principle for Trust and Transparency states that the purpose of AI is to augment human intelligence. Augmented human intelligence means that the use of AI enhances human intelligence, rather than operating independently of, or replacing it. All of this implies that AI systems are not to be treated as human beings, but rather viewed as support mechanisms…

IBM Newsletters

Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters