Nextcloud, Redis and TLS

Hello community, hoping someone has faced this problem already:

I have an item with nextcloud and encrypted redis (tls):

We have a cluster with 3 nextcloud nodes. These use redis as distributed memcache. Now the demand is that the connection has to be encrypted.
How can I configure this in the nextcloud? In the docu* I don’t see a parameter for tls.

The memcache has also to be enabled in the php-fpm config. At the moment it looks like that:

session.save_handler = redis
session.save_path = "tcp://redis.nextcloud.our.domain:6379?auth=mypassword

How to do this in tls?

Any suggestion would be appreciated. Thanks already for helping.

*Memory caching — Nextcloud latest Administration Manual latest documentation

Nextcloud version: 20.0.5
Operating system and version: Debian buster
Apache or nginx version: 2.4.46
PHP version: 7.3

The output of your Nextcloud log in Admin > Logging:

  Error    core               RedisException: read error on connection at lib/private/Memcache/Redis.php line 55                          2021-02-02T10:50:41+01:00 
                               0. lib/private/Memcache/Redis.php line 55                                                                                            
                                  Redis->get("83b9a4e050fb77760eab5258e89000ad\/JS-74b07fdfdead7b086d03920074347d7ecore-merged- ... s")                             
                               1. lib/private/Template/JSCombiner.php line 123                                                                                      
                               2. lib/private/Template/JSCombiner.php line 103                                                                                      
                                    OC\Files\SimpleFS\SimpleFolder {}                                                                                               
                               3. lib/private/Template/JSResourceLocator.php line 116                                                                               
                               4. .../JSResourceLocator.php line 72                                                                                                 
                                    "\/srv\/node1.web.nextcloud-t ... d",                                                                                           
                                    "core\/js\/merged-template-pr ... n"                                                                                            
                               5. lib/private/Template/ResourceLocator.php line 79                                                                                  
                               6. lib/private/TemplateLayout.php line 364                                                                                           
                                  OC\Template\ResourceLocator->find(["core\/js\/dist\/main","js\/dist\/files_fileinfo","js\/dis ... "])                             
                               7. lib/private/TemplateLayout.php line 194                                                                                           
                                  OC\TemplateLayout::findJavascriptFiles(["core\/js\/dist\/main","js\/dist\/files_fileinfo","js ... "])                             
                               8. lib/private/legacy/OC_Template.php line 183                                                                                       
                                  OC\TemplateLayout->__construct("error", "")                                                                                       
                               9. lib/private/Template/Base.php line 132                                                                                            
                              10. lib/private/legacy/OC_Template.php line 332                                                                                       
                              11. lib/base.php line 434                                                                                                             
                                  OC_Template::printExceptionErrorPage(Exception {}, 500)                                                                           
                              12. lib/base.php line 649                                                                                                             
                              13. lib/base.php line 1091                                                                                                            
                              14. status.php line 37                                                                                                                

(when tls is activated on redis)

Meanwhile we helped ourselves by installing a local haproxy on each web server which connects with tls to the redis cluster. The config within nextcloud can easily be done with redis on localhost (which is in fact the haproxy instance):
‘redis’ =>
array (
‘host’ => ‘’,
‘port’ => ‘6379’,
‘password’ => ‘topsecret’
But it is not possible to configure redis as session cache in the php-fpm config. In the log we get the error:
Error: session_write_close(): Failed to write session data (redis). Please verify that the current setting of session.save_path is correct (tcp://
Therefore we did not configure redis in php at all and keep the local session cache (which only contains encrypted dession data, all other cache data are in redis).

Perhaps you can use a ssh tunnel. But a ssh tunnel is not TLS. Sorry.
Redis SSH Tunnels
Connecting to redis via SSH tunneling | by Alexander Presber | momolog | Medium

Thanks, but an haproxy connection seems a bit more robust to us, because it is done on demand while ssh, stunnel o.s. have to be kept open all the time.