diff --git a/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh b/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
index 09ad07460a170..1fca0bdfa763c 100644
--- a/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
+++ b/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
@@ -228,7 +228,11 @@ redis_validate() {
 print_validation_error "The private key file in the specified path ${REDIS_TLS_KEY_FILE} does not exist"
 fi
 if [[ -z "$REDIS_TLS_CA_FILE" ]]; then
- print_validation_error "You must provide a CA X.509 certificate in order to use TLS"
+ if [[ -z "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "You must provide either a CA X.509 certificate or a CA certificates directory in order to use TLS"
+ elif [[ ! -d "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "The CA certificates directory specified by path ${REDIS_TLS_CA_DIR} does not exist"
+ fi
 elif [[ ! -f "$REDIS_TLS_CA_FILE" ]]; then
 print_validation_error "The CA X.509 certificate file in the specified path ${REDIS_TLS_CA_FILE} does not exist"
 fi
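Review bot: The new `elif [[ ! -d "$REDIS_TLS_CA_DIR" ]]` branch only proves the path exists; it does not check that the directory is readable by the user the validation runs as, nor that it holds anything usable. Redis hands `tls-ca-cert-dir` to OpenSSL as a CApath, which (per the OpenSSL contract, not something this hunk shows) expects certificates stored under their subject-hash names, so an empty or un-rehashed directory passes this validation and every TLS handshake then fails with an unknown-CA error at runtime, which is far harder to diagnose than a startup error. At minimum tighten the test to `elif [[ ! -d "$REDIS_TLS_CA_DIR" || ! -r "$REDIS_TLS_CA_DIR" ]]; then` and add a comment above the branch such as `# Redis passes this directory to OpenSSL as a CApath; it must hold CA certificates in hashed (c_rehash) layout`. redis_validate starts and ends outside this hunk.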
@@ -265,7 +269,9 @@ redis_configure_replication() {
 elif [[ "$REDIS_REPLICATION_MODE" =~ ^(slave|replica)$ ]]; then
 if [[ -n "$REDIS_SENTINEL_HOST" ]]; then
 local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
- is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}" "--cacert" "${REDIS_TLS_CA_FILE}")
+ is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
+ is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
 sentinel_info_command+=("sentinel" "get-master-addr-by-name" "${REDIS_SENTINEL_MASTER_NAME}")
 read -r -a REDIS_SENTINEL_INFO <<< "$("${sentinel_info_command[@]}" | tr '\n' ' ')"
 REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}
@@ -431,7 +437,8 @@ redis_configure_default() {
 fi
 redis_conf_set tls-cert-file "$REDIS_TLS_CERT_FILE"
 redis_conf_set tls-key-file "$REDIS_TLS_KEY_FILE"
- redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"
 ! is_empty_value "$REDIS_TLS_KEY_FILE_PASS" && redis_conf_set tls-key-file-pass "$REDIS_TLS_KEY_FILE_PASS"
 [[ -n "$REDIS_TLS_DH_PARAMS_FILE" ]] && redis_conf_set tls-dh-params-file "$REDIS_TLS_DH_PARAMS_FILE"
 redis_conf_set tls-auth-clients "$REDIS_TLS_AUTH_CLIENTS"
diff --git a/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh b/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
index ed9a7f67a4f5c..5d3bb6b61705d 100644
--- a/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
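Review bot: The two new CA lines are no longer gated on TLS: the removed line appended `--cacert` only when `is_boolean_yes "$REDIS_TLS_ENABLED"` held, whereas the new `is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")` runs unconditionally, so a plain non-TLS replica (where `REDIS_TLS_CA_FILE` is empty by default) now queries Sentinel with `--cacertdir ""` and no `--tls`. Whether redis-cli rejects or silently ignores that argument depends on how it was built, but master discovery for non-TLS replicas should not hinge on it. Nesting the CA selection inside the TLS branch restores the old contract and gives the file-over-directory precedence the README promises a home in the code; redis_validate already guarantees one of the two is set when TLS is on. redis_configure_replication starts and ends outside this hunk.
```shell
local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
if is_boolean_yes "$REDIS_TLS_ENABLED"; then
    sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
    # A CA file takes precedence over a CA directory; redis_validate guarantees
    # one of the two is set whenever TLS is enabled.
    if is_empty_value "$REDIS_TLS_CA_FILE"; then
        sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
    else
        sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
    fi
fi
# … unchanged: sentinel get-master-addr-by-name query and REDIS_MASTER_HOST parsing …
```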
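Review bot: The two complementary one-liners `! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file …` and `is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir …` evaluate the same predicate twice and leave the precedence rule implicit, so a later edit that touches one line but not the other would silently configure both CA sources or neither. An `if`/`else` reads as the single decision it is: `if is_empty_value "$REDIS_TLS_CA_FILE"; then redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"; else redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"; fi`, preceded by `# A CA file takes precedence over a CA directory (see README); redis_validate ensures one of them is set`. redis_configure_default starts and ends outside this hunk.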
+++ b/bitnami/redis/6.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
@@ -51,6 +51,7 @@ redis_env_vars=(
 REDIS_TLS_KEY_FILE
 REDIS_TLS_KEY_FILE_PASS
 REDIS_TLS_CA_FILE
+ REDIS_TLS_CA_DIR
 REDIS_TLS_DH_PARAMS_FILE
 REDIS_TLS_AUTH_CLIENTS
 REDIS_SENTINEL_MASTER_NAME
@@ -120,6 +121,7 @@ export REDIS_TLS_CERT_FILE="${REDIS_TLS_CERT_FILE:-}"
 export REDIS_TLS_KEY_FILE="${REDIS_TLS_KEY_FILE:-}"
 export REDIS_TLS_KEY_FILE_PASS="${REDIS_TLS_KEY_FILE_PASS:-}"
 export REDIS_TLS_CA_FILE="${REDIS_TLS_CA_FILE:-}"
+export REDIS_TLS_CA_DIR="${REDIS_TLS_CA_DIR:-}"
 export REDIS_TLS_DH_PARAMS_FILE="${REDIS_TLS_DH_PARAMS_FILE:-}"
 export REDIS_TLS_AUTH_CLIENTS="${REDIS_TLS_AUTH_CLIENTS:-yes}"
diff --git a/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/libredis.sh b/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
index 09ad07460a170..1fca0bdfa763c 100644
--- a/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
+++ b/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
@@ -228,7 +228,11 @@ redis_validate() {
 print_validation_error "The private key file in the specified path ${REDIS_TLS_KEY_FILE} does not exist"
 fi
 if [[ -z "$REDIS_TLS_CA_FILE" ]]; then
- print_validation_error "You must provide a CA X.509 certificate in order to use TLS"
+ if [[ -z "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "You must provide either a CA X.509 certificate or a CA certificates directory in order to use TLS"
+ elif [[ ! -d "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "The CA certificates directory specified by path ${REDIS_TLS_CA_DIR} does not exist"
+ fi
 elif [[ ! -f "$REDIS_TLS_CA_FILE" ]]; then
 print_validation_error "The CA X.509 certificate file in the specified path ${REDIS_TLS_CA_FILE} does not exist"
 fi
@@ -265,7 +269,9 @@ redis_configure_replication() {
 elif [[ "$REDIS_REPLICATION_MODE" =~ ^(slave|replica)$ ]]; then
 if [[ -n "$REDIS_SENTINEL_HOST" ]]; then
 local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
- is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}" "--cacert" "${REDIS_TLS_CA_FILE}")
+ is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
+ is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
 sentinel_info_command+=("sentinel" "get-master-addr-by-name" "${REDIS_SENTINEL_MASTER_NAME}")
 read -r -a REDIS_SENTINEL_INFO <<< "$("${sentinel_info_command[@]}" | tr '\n' ' ')"
 REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}
@@ -431,7 +437,8 @@ redis_configure_default() {
 fi
 redis_conf_set tls-cert-file "$REDIS_TLS_CERT_FILE"
 redis_conf_set tls-key-file "$REDIS_TLS_KEY_FILE"
- redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"
 ! is_empty_value "$REDIS_TLS_KEY_FILE_PASS" && redis_conf_set tls-key-file-pass "$REDIS_TLS_KEY_FILE_PASS"
 [[ -n "$REDIS_TLS_DH_PARAMS_FILE" ]] && redis_conf_set tls-dh-params-file "$REDIS_TLS_DH_PARAMS_FILE"
 redis_conf_set tls-auth-clients "$REDIS_TLS_AUTH_CLIENTS"
diff --git a/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh b/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
index ed9a7f67a4f5c..5d3bb6b61705d 100644
--- a/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
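Review bot: The two new CA lines are no longer gated on TLS: the removed line appended `--cacert` only under `is_boolean_yes "$REDIS_TLS_ENABLED"`, whereas the new `is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")` runs unconditionally, so a non-TLS replica (where `REDIS_TLS_CA_FILE` is empty by default) now queries Sentinel with `--cacertdir ""` and no `--tls`. Whether redis-cli rejects or ignores that argument depends on how it was built, but master discovery for non-TLS replicas should not hinge on it. Moving the CA selection inside the TLS branch restores the old contract and makes the file-over-directory precedence explicit; redis_validate already guarantees one of the two is set when TLS is on. redis_configure_replication starts and ends outside this hunk.
```shell
local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
if is_boolean_yes "$REDIS_TLS_ENABLED"; then
    sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
    # A CA file takes precedence over a CA directory; redis_validate guarantees
    # one of the two is set whenever TLS is enabled.
    if is_empty_value "$REDIS_TLS_CA_FILE"; then
        sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
    else
        sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
    fi
fi
# … unchanged: sentinel get-master-addr-by-name query and REDIS_MASTER_HOST parsing …
```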
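Review bot: The two complementary one-liners `! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file …` and `is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir …` evaluate the same predicate twice and leave the precedence rule implicit, so editing one line without the other would silently configure both CA sources or neither. An `if`/`else` expresses the single decision: `if is_empty_value "$REDIS_TLS_CA_FILE"; then redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"; else redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"; fi`, preceded by `# A CA file takes precedence over a CA directory (see README); redis_validate ensures one of them is set`. redis_configure_default starts and ends outside this hunk.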
+++ b/bitnami/redis/7.0/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
@@ -51,6 +51,7 @@ redis_env_vars=(
 REDIS_TLS_KEY_FILE
 REDIS_TLS_KEY_FILE_PASS
 REDIS_TLS_CA_FILE
+ REDIS_TLS_CA_DIR
 REDIS_TLS_DH_PARAMS_FILE
 REDIS_TLS_AUTH_CLIENTS
 REDIS_SENTINEL_MASTER_NAME
@@ -120,6 +121,7 @@ export REDIS_TLS_CERT_FILE="${REDIS_TLS_CERT_FILE:-}"
 export REDIS_TLS_KEY_FILE="${REDIS_TLS_KEY_FILE:-}"
 export REDIS_TLS_KEY_FILE_PASS="${REDIS_TLS_KEY_FILE_PASS:-}"
 export REDIS_TLS_CA_FILE="${REDIS_TLS_CA_FILE:-}"
+export REDIS_TLS_CA_DIR="${REDIS_TLS_CA_DIR:-}"
 export REDIS_TLS_DH_PARAMS_FILE="${REDIS_TLS_DH_PARAMS_FILE:-}"
 export REDIS_TLS_AUTH_CLIENTS="${REDIS_TLS_AUTH_CLIENTS:-yes}"
diff --git a/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh b/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
index 09ad07460a170..1fca0bdfa763c 100644
--- a/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
+++ b/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/libredis.sh
@@ -228,7 +228,11 @@ redis_validate() {
 print_validation_error "The private key file in the specified path ${REDIS_TLS_KEY_FILE} does not exist"
 fi
 if [[ -z "$REDIS_TLS_CA_FILE" ]]; then
- print_validation_error "You must provide a CA X.509 certificate in order to use TLS"
+ if [[ -z "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "You must provide either a CA X.509 certificate or a CA certificates directory in order to use TLS"
+ elif [[ ! -d "$REDIS_TLS_CA_DIR" ]]; then
+ print_validation_error "The CA certificates directory specified by path ${REDIS_TLS_CA_DIR} does not exist"
+ fi
 elif [[ ! -f "$REDIS_TLS_CA_FILE" ]]; then
 print_validation_error "The CA X.509 certificate file in the specified path ${REDIS_TLS_CA_FILE} does not exist"
 fi
@@ -265,7 +269,9 @@ redis_configure_replication() {
 elif [[ "$REDIS_REPLICATION_MODE" =~ ^(slave|replica)$ ]]; then
 if [[ -n "$REDIS_SENTINEL_HOST" ]]; then
 local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
- is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}" "--cacert" "${REDIS_TLS_CA_FILE}")
+ is_boolean_yes "$REDIS_TLS_ENABLED" && sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
+ is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
 sentinel_info_command+=("sentinel" "get-master-addr-by-name" "${REDIS_SENTINEL_MASTER_NAME}")
 read -r -a REDIS_SENTINEL_INFO <<< "$("${sentinel_info_command[@]}" | tr '\n' ' ')"
 REDIS_MASTER_HOST=${REDIS_SENTINEL_INFO[0]}
@@ -431,7 +437,8 @@ redis_configure_default() {
 fi
 redis_conf_set tls-cert-file "$REDIS_TLS_CERT_FILE"
 redis_conf_set tls-key-file "$REDIS_TLS_KEY_FILE"
- redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ ! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"
+ is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"
 ! is_empty_value "$REDIS_TLS_KEY_FILE_PASS" && redis_conf_set tls-key-file-pass "$REDIS_TLS_KEY_FILE_PASS"
 [[ -n "$REDIS_TLS_DH_PARAMS_FILE" ]] && redis_conf_set tls-dh-params-file "$REDIS_TLS_DH_PARAMS_FILE"
 redis_conf_set tls-auth-clients "$REDIS_TLS_AUTH_CLIENTS"
diff --git a/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh b/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
index ed9a7f67a4f5c..5d3bb6b61705d 100644
--- a/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
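Review bot: The two new CA lines are no longer gated on TLS: the removed line appended `--cacert` only under `is_boolean_yes "$REDIS_TLS_ENABLED"`, whereas the new `is_empty_value "$REDIS_TLS_CA_FILE" && sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")` runs unconditionally, so a non-TLS replica (where `REDIS_TLS_CA_FILE` is empty by default) now queries Sentinel with `--cacertdir ""` and no `--tls`. Whether redis-cli rejects or ignores that argument depends on how it was built, but master discovery for non-TLS replicas should not hinge on it. Moving the CA selection inside the TLS branch restores the old contract and makes the file-over-directory precedence explicit; redis_validate already guarantees one of the two is set when TLS is on. redis_configure_replication starts and ends outside this hunk.
```shell
local -a sentinel_info_command=("redis-cli" "-h" "${REDIS_SENTINEL_HOST}" "-p" "${REDIS_SENTINEL_PORT_NUMBER}")
if is_boolean_yes "$REDIS_TLS_ENABLED"; then
    sentinel_info_command+=("--tls" "--cert" "${REDIS_TLS_CERT_FILE}" "--key" "${REDIS_TLS_KEY_FILE}")
    # A CA file takes precedence over a CA directory; redis_validate guarantees
    # one of the two is set whenever TLS is enabled.
    if is_empty_value "$REDIS_TLS_CA_FILE"; then
        sentinel_info_command+=("--cacertdir" "${REDIS_TLS_CA_DIR}")
    else
        sentinel_info_command+=("--cacert" "${REDIS_TLS_CA_FILE}")
    fi
fi
# … unchanged: sentinel get-master-addr-by-name query and REDIS_MASTER_HOST parsing …
```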
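Review bot: The two complementary one-liners `! is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-file …` and `is_empty_value "$REDIS_TLS_CA_FILE" && redis_conf_set tls-ca-cert-dir …` evaluate the same predicate twice and leave the precedence rule implicit, so editing one line without the other would silently configure both CA sources or neither. An `if`/`else` expresses the single decision: `if is_empty_value "$REDIS_TLS_CA_FILE"; then redis_conf_set tls-ca-cert-dir "$REDIS_TLS_CA_DIR"; else redis_conf_set tls-ca-cert-file "$REDIS_TLS_CA_FILE"; fi`, preceded by `# A CA file takes precedence over a CA directory (see README); redis_validate ensures one of them is set`. redis_configure_default starts and ends outside this hunk.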
+++ b/bitnami/redis/7.2/debian-11/rootfs/opt/bitnami/scripts/redis-env.sh
@@ -51,6 +51,7 @@ redis_env_vars=(
 REDIS_TLS_KEY_FILE
 REDIS_TLS_KEY_FILE_PASS
 REDIS_TLS_CA_FILE
+ REDIS_TLS_CA_DIR
 REDIS_TLS_DH_PARAMS_FILE
 REDIS_TLS_AUTH_CLIENTS
 REDIS_SENTINEL_MASTER_NAME
@@ -120,6 +121,7 @@ export REDIS_TLS_CERT_FILE="${REDIS_TLS_CERT_FILE:-}"
 export REDIS_TLS_KEY_FILE="${REDIS_TLS_KEY_FILE:-}"
 export REDIS_TLS_KEY_FILE_PASS="${REDIS_TLS_KEY_FILE_PASS:-}"
 export REDIS_TLS_CA_FILE="${REDIS_TLS_CA_FILE:-}"
+export REDIS_TLS_CA_DIR="${REDIS_TLS_CA_DIR:-}"
 export REDIS_TLS_DH_PARAMS_FILE="${REDIS_TLS_DH_PARAMS_FILE:-}"
 export REDIS_TLS_AUTH_CLIENTS="${REDIS_TLS_AUTH_CLIENTS:-yes}"
diff --git a/bitnami/redis/README.md b/bitnami/redis/README.md
index f6442ea28f407..105340a8a698d 100644
--- a/bitnami/redis/README.md
+++ b/bitnami/redis/README.md
@@ -476,9 +476,12 @@ Starting with version 6, Redis(R) adds the support for SSL/TLS connections. Shou
 * `REDIS_TLS_CERT_FILE`: File containing the certificate file for the TLS traffic. No defaults.
 * `REDIS_TLS_KEY_FILE`: File containing the key for certificate. No defaults.
 * `REDIS_TLS_CA_FILE`: File containing the CA of the certificate. No defaults.
+* `REDIS_TLS_CA_DIR`: Directory containing the CA certificates. No defaults.
 * `REDIS_TLS_DH_PARAMS_FILE`: File containing DH params (in order to support DH based ciphers). No defaults.
 * `REDIS_TLS_AUTH_CLIENTS`: Whether to require clients to authenticate or not. Defaults to `yes`.
+When both `REDIS_TLS_CA_FILE` and `REDIS_TLS_CA_DIR` are set, `REDIS_TLS_CA_FILE` is used preferentially.
+
 When enabling TLS, conventional standard traffic is disabled by default. However this new feature is not mutually exclusive, which means it is possible to listen to both TLS and non-TLS connection simultaneously. To enable non-TLS traffic, set `REDIS_TLS_PORT_NUMBER` to another port different than `0`.
 1. Using `docker run`