Session handling requires caching of session information. For caching, a Redis database can be deployed within or outside the Microgateway cluster. The CR RedisProvider contains the necessary client configuration to connect to the Redis target host, including SSL/TLS settings, and database user credentials.
We highly recommend enabling SSL/TLS encrypted communication between the Airlock Microgateway and the Redis database, especially when using an external database, to keep the session information secure. Note that both components, the Airlock Microgateway and the Redis database, must have the same TLS configuration for communication to be possible.
With tls: {}
enabled only certificates which are signed by a CA that is trusted by any of the root CA certificates, built into the Microgateway Session Agent’s base image, are accepted until configured otherwise.
This CR needs to be referenced in the CR SessionHandling.