diff --git a/.ci/docker-compose-file/redis/redis-tls.conf b/.ci/docker-compose-file/redis/redis-tls.conf
index 584399a29..325c200c3 100644
--- a/.ci/docker-compose-file/redis/redis-tls.conf
+++ b/.ci/docker-compose-file/redis/redis-tls.conf
@@ -5,6 +5,7 @@ tls-cert-file /tls/redis.crt
 tls-key-file /tls/redis.key
 tls-ca-cert-file /tls/ca.crt
 tls-replication yes
+tls-cluster yes
 protected-mode no
 requirepass public
 masterauth public
diff --git a/.ci/docker-compose-file/redis/redis.sh b/.ci/docker-compose-file/redis/redis.sh
index ceca7e2c3..272a5b443 100755
--- a/.ci/docker-compose-file/redis/redis.sh
+++ b/.ci/docker-compose-file/redis/redis.sh
@@ -90,7 +90,11 @@ do
         continue;
     fi
     if [ "${node}" = "cluster" ] ; then
-      yes "yes" | redis-cli --cluster create "$LOCAL_IP:7000" "$LOCAL_IP:7001" "$LOCAL_IP:7002" --pass public --no-auth-warning;
+      if $tls ; then
+       yes "yes" | redis-cli --cluster create "$LOCAL_IP:8000" "$LOCAL_IP:8001" "$LOCAL_IP:8002" --pass public --no-auth-warning --tls true --cacert /tls/ca.crt --cert /tls/redis.crt --key /tls/redis.key;
+      else
+        yes "yes" | redis-cli --cluster create "$LOCAL_IP:7000" "$LOCAL_IP:7001" "$LOCAL_IP:7002" --pass public --no-auth-warning;
+      fi
     elif [ "${node}" = "sentinel" ] ; then
       tee /_sentinel.conf>/dev/null << EOF
 port 26379