What's New

IBM Cloud Compose for Redis available with TLS encryption

Share this post:

New Compose for Redis instances on IBM Cloud now have TLS encryption enabled allowing greater security for your blazing fast in-memory data structures and caches.

Using TLS encryption means your connections, commands, and data are made safer from interception on the internet. TLS is the standard that took over from SSL for securing web connections and it is also referred to as TLS/SSL or SSL/TLS. We’ve made TLS encryption support the default for new Redis services. You can, though, still configure Redis without TLS by selecting an alternative plan when creating your Redis instance.

Redis and TLS/SSL

Not every Redis library or tool can do TLS encryption because, out of the box, Redis the database doesn’t do TLS. With TLS/SSL, we are wrapping each Redis connection in its own TLS tunnels. The Redis portal unwraps when it is safely within the IBM Cloud Compose Redis instance.

TLS encryption for Redis is represented in connection URLs by the de-facto standard scheme `rediss:`. That’s an extra s over the single-s redis: scheme. Many Redis drivers acknowledge the rediss: scheme and automatically use the secure TLS encryption.

There are, though, some tools that do not understand it. Most importantly, redis-cli, the Redis command line interface does not know how to do TLS encrypted connections. That’s not a problem though as a free software utility called stunnel (find it at https://www.stunnel.org/) can perform that TLS wrapping for non-TLS aware programs and drivers like redis-cli. We cover how to configure it for IBM Cloud Compose for Redis instances in the documentation.

With this economical and efficient way to configure secure connections now available, we’ve made it the default for new deployments of IBM Cloud Compose for Redis. It is easier to deploy than the previous SSH tunnel option (which needed certificates exchanged in advance) and more flexible. Existing users who want the TLS encryption option for their Redis should provision a new instance and migrate to it.

 

Compose's Technical Content Curator

More What's New stories
June 29, 2018

Actiance solution on IBM Cloud and Watson APIs keeps business communications compliant and secure

Actiance, Inc. is on a mission to enable the security, management and compliance of unified communications, Web 2.0 and social media channels for corporate customers worldwide. With IBM Cloud as a key partner and enabler, Actiance helps support and manage more than 500 million daily conversations across 80 communications channels. Customers include the top 10 U.S., top 5 Canadian, top 8 European, and top 3 Asian banks. A key Actiance advantage is that its platforms help its customers stay ahead of compliance and uncover patterns and relationships hidden within their data, so they can be more proactive and less reactive.

Continue reading

June 13, 2018

Elinar Takes the Mystery out of GDPR with help from IBM Cloud and Watson

Even though GDPR May 25 deadline has come and gone, many companies are still scrambling to meet compliance. Here at Elinar, we are busier than ever. Our data discover solution, AI Miner, built with Watson APIs, for use on the IBM Cloud platform, can quickly uncover mysterious data with a quick scan on your data mass for records which have privacy settings that need updating to meet GDPR compliance.

Continue reading

May 24, 2018

Flexible & secure: Cloud storage solutions for all your workload needs

When it comes to storage in the cloud, having a combination of block, file and cloud object storage gives you the ability to optimize your storage costs all while providing reliability, durability and security. Learn about the IBM Cloud enterprise-grade storage solutions that can help your businesses’ use cases.

Continue reading