# Redis TLS Certificate Verification

Transport Layer Security (TLS) is required for all connections to the Redis server. You must verify the server's certificate to establish a secure TLS connection. If certificate verification fails with the error `redis-cli certificate` verify failed, you can perform one of the following options:

<details>

<summary><strong>Option 1: Trust the Certificate Globally</strong></summary>

Add the Redis server’s CA certificate to the system trust store.

</details>

<details>

<summary><strong>Option 2: Provide the CA Certificate Directly to the Client</strong></summary>

Use the `--cacert` option with `redis-cli`, specifying the path to the CA certificate that signed the Redis server’s certificate.

{% hint style="info" %}
**Note:**

* If your system trust store is up-to-date, `--cacert` is usually not required.
* If you need the CA certificate, download it from [<mark style="color:blue;">Let's Encrypt</mark>](https://letsencrypt.org/certificates/) certificates.
  {% endhint %}

</details>

<details>

<summary><strong>Option 3: Skip Certificate Verification</strong></summary>

Use the `--insecure` option to bypass the certificate checks.

{% hint style="warning" %}
**Warning:** You may skip verification of certificates for troubleshooting purposes only. It is not recommended for production environments.
{% endhint %}

</details>

## Additional checks

* Ensure the certificate’s Common Name (CN) or Subject Alternative Name (SAN) matches the hostname you use to connect.
* Keep your system trust store current to avoid outdated CA issues.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ionos.com/cloud/databases/in-memory-db/troubleshooting/redis-tls-certificate-verification.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.