SSL Connection for Redis and Postgres

@dimitrie what are your thoughts on updating the connection to the database and Redis to be optionally TLS connections. Non-TLS would be the default still.

I can put in a PR.

@cristi’s the boss now on these :smiley:

@peter.grainger Hmm, we’re actually using TLS connections in our deployments: We just set POSTGRES_URL and REDIS_URL to TLS-enabled urls.

What changes are you thinking of doing?

Ah, OK. Didn’t realise it was that simple! I’ll try that

@cristi for Redis don’t you have to configure it this way? Using Redis with Node.js (node_redis) | Redis Labs Documentation Center

Otherwise it will use the non-TLS connection?

@peter.grainger That’s the way to configure TLS with client certificates to strengthen the client authentication security beyond username/password.

Most redis providers just give you a connection string that starts with rediss:// (notice the double s), which means it uses a TLS socket, and that is recognized and used by the node redis package (check redis - npm and search for rediss in the page)

Do you need a setup with redis client authentication with client certificates? (in this scenario you should also configure the server to trust those client certificates that connect to it)

Thanks for the info. I’ll have to read more about it