diff --git a/TLS.md b/TLS.md index 51bfeae08a..c87975f204 100644 --- a/TLS.md +++ b/TLS.md @@ -9,27 +9,27 @@ Getting Started To build with TLS support you'll need OpenSSL development libraries (e.g. libssl-dev on Debian/Ubuntu). -To build TLS support as Redis built-in: +To build TLS support as Valkey built-in: Run `make BUILD_TLS=yes`. -Or to build TLS as Redis module: +Or to build TLS as Valkey module: Run `make BUILD_TLS=module`. Note that sentinel mode does not support TLS module. ### Tests -To run Redis test suite with TLS, you'll need TLS support for TCL (i.e. +To run Valkey test suite with TLS, you'll need TLS support for TCL (i.e. `tcl-tls` package on Debian/Ubuntu). 1. Run `./utils/gen-test-certs.sh` to generate a root CA and a server certificate. -2. Run `./runtest --tls` or `./runtest-cluster --tls` to run Redis and Redis +2. Run `./runtest --tls` or `./runtest-cluster --tls` to run Valkey and Valkey Cluster tests in TLS mode. 3. Run `./runtest --tls-module` or `./runtest-cluster --tls-module` to - run Redis and Redis cluster tests in TLS mode with Redis module. + run Valkey and Valkey cluster tests in TLS mode with Valkey module. ### Running manually @@ -49,18 +49,18 @@ For TLS module mode: --tls-ca-cert-file ./tests/tls/ca.crt \ --loadmodule src/valkey-tls.so -To connect to this Redis server with `valkey-cli`: +To connect to this Valkey server with `valkey-cli`: ./src/valkey-cli --tls \ - --cert ./tests/tls/redis.crt \ - --key ./tests/tls/redis.key \ + --cert ./tests/tls/valkey.crt \ + --key ./tests/tls/valkey.key \ --cacert ./tests/tls/ca.crt This will disable TCP and enable TLS on port 6379. It's also possible to have both TCP and TLS available, but you'll need to assign different ports. To make a Replica connect to the master using TLS, use `--tls-replication yes`, -and to make Redis Cluster use TLS across nodes use `--tls-cluster yes`. +and to make Valkey Cluster use TLS across nodes use `--tls-cluster yes`. Connections ----------- @@ -85,18 +85,18 @@ but there are probably other good reasons to improve that part anyway. To-Do List ---------- -- [ ] redis-benchmark support. The current implementation is a mix of using +- [ ] valkey-benchmark support. The current implementation is a mix of using hiredis for parsing and basic networking (establishing connections), but directly manipulating sockets for most actions. This will need to be cleaned up for proper TLS support. The best approach is probably to migrate to hiredis async mode. -- [ ] redis-cli `--slave` and `--rdb` support. +- [ ] valkey-cli `--slave` and `--rdb` support. Multi-port ---------- Consider the implications of allowing TLS to be configured on a separate port, -making Redis listening on multiple ports: +making Valkey listening on multiple ports: 1. Startup banner port notification 2. Proctitle