By default, Redis does not support any encryption. Assuming that encryption is desired in the client-server connection, extra tools are necessary. Encrypting the Redis communication using SSL can prevent malicious attackers from eavesdropping on the network, and ensure that only trusted clients that have the SSL key can connect to Redis.

The tool we will use to encrypt Redis communication is called stunnel. It is an SSL encryption wrapper between a local client and a local or remote server. Many services that do not implement SSL encryption can take advantage of stunnel.

Redis can be combined with stunnel to encrypt all client-server communication.

The basic idea is that a connection will exist between a stunnel server and a client, and that connection will be SSL-encrypted through a private SSL key.

There are two options for running Redis with stunnel: