How to enable SSL with Redis (Ruby Driver) on RedisLabs.
Typically, this is how you'd connect to Redis:
Redis.new(url: ENV["REDIS_URL"])Where REDIS_URL uses the following format:
redis://:{password}@{host}:{port}/{db}
In order to secure your connection using SSL, you'll need to acquire the necessary certificates from RedisLabs. At the time of writing, RedisLabs has to manually enable SSL for your subscription. It's not available by default. Once they've added it you'll want to enable "SSL Client Authentication" in their Web UI and generate the certificates.
Once done, securely connect to Redis using SSL:
url = ENV["REDIS_URL"]
ssl = {}
ssl[:cert] = OpenSSL::X509::Certificate.new(ENV["REDIS_CERT"])
ssl[:key] = OpenSSL::PKey::RSA.new(ENV["REDIS_KEY"])
ssl[:cert_store] = OpenSSL::X509::Store.new
ssl[:cert_store].add_cert(OpenSSL::X509::Certificate.new(ENV["REDIS_CA"]))
Redis.new(url: url, ssl_params: ssl)Where REDIS_URL uses the following format using the rediss:// scheme:
rediss://:{password}@{host}:{port}/{db}
And where REDIS_CERT, REDIS_KEY, and REDIS_CA are the RedisLabs-provided certificates, stored in environment variables:
REDIS_CERT = $(cat redislabs_user.crt)
REDIS_KEY = $(cat redislabs_user_private.key)
REDIS_CA = $(cat redislabs_ca.pem)
With "SSL Client Authentication" enabled in the RedisLabs Web UI, you can no longer connect without SSL. So, once you've managed to successfully connect to your Redis server using the provided certificates, your connection is secured.