You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/operate/rs/security/encryption/internode-encryption.md
+6-6Lines changed: 6 additions & 6 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -125,7 +125,7 @@ POST /v1/cluster/certificates/rotate
125
125
126
126
## Customer-provided certificates
127
127
128
-
Instead of using Redis Enterprise Software's self-signed certificates for internode encryption, you can provide your own certificates generated by your Certificate Authority (CA).
128
+
Instead of using Redis Enterprise Software's self-signed certificates for internode encryption, you can provide certificates generated by your Certificate Authority (CA).
129
129
130
130
### Certificate requirements
131
131
@@ -139,9 +139,9 @@ Customer-provided internode encryption certificates must meet the following requ
139
139
140
140
You can upload either:
141
141
142
-
- One certificate to be used for both data plane internode encryption (DPINE) and control plane internode encryption (CPINE)
142
+
- One certificate for both data plane internode encryption (DPINE) and control plane internode encryption (CPINE).
143
143
144
-
- Two separate certificates: one for DPINE and one for CPINE
144
+
- Two separate certificates: one for DPINE and one for CPINE.
145
145
146
146
147
147
{{< multitabs id="get-module-versions"
@@ -198,11 +198,11 @@ PUT https://<host>:<port>/v1/certificates
198
198
199
199
### Certificate expiration and rotation
200
200
201
-
Customer-provided internode encryption certificates are not rotated automatically.
201
+
Customer-provided internode encryption certificates are not rotated automatically. To prevent possible issues with cluster and database unavailability caused by expired internode encryption certificates:
202
202
203
-
The expiration of internode encryption certificates could lead to unavailability of the cluster and its databases. To prevent this issue, you should monitor the certificates' expiration dates and renew them before they expire.
203
+
- You should monitor the certificates' expiration dates and renew them before they expire.
204
204
205
-
In case the customer-managed certificates are not manually renewed before they expire, Redis Enterprise Software automatically replaces them with self-signed certificates 5 days before expiration. You can upload new customer-provided certificates at any time to replace the automatically generated self-signed certificates.
205
+
- In case you do not renew the customer-managed certificates before they expire, Redis Enterprise Software automatically replaces them with self-signed certificates 5 days before expiration. You can upload new customer-provided certificates to replace these certificates anytime.
0 commit comments