- #Stunnel windows configuration how to#
- #Stunnel windows configuration install#
- #Stunnel windows configuration drivers#
- #Stunnel windows configuration code#
- #Stunnel windows configuration download#
We use a file called lechain.pem which, for simplicity, is located in the same directory as the stunredis.sh script. This points to a file with the certificates needed to verify the connection. About lechain.pemįinally, there's the CAfile= setting. You will want to do that if you want to run two or more instances of this script at the same time. You can override it with your own local port by adding the port number as a separate parameter after the connection string when running the script. The value is actually our default setting for a port. That "6830" in the accept= line is the setting for the local port.
#Stunnel windows configuration code#
The same code also extracts the password from the connection string, but we don't use that in the stunnel configuration. The hostname and port - and combined host and port - have been parsed from the connection string. Stunnelconf+=$"accept=127.0.0.1:$LOCALPORT\n"įor our example session above, the result would look like this: foreground=yesĬheckHost=.comĬonnect=.com:23176 Here's the code that builds that string: # Now we create our configuration file as a variable What we put into stdin, by way of an echo -e command is a string we've composed to look like an appropriate configuration file. We'll use 0 to take that input from stdin. We can only assume that someone else somewhere had a similar need to create on the fly configurations for stunnel because one of the options on the command is -fd N which tells it to take its configuration data from a numbered file descriptor.
#Stunnel windows configuration install#
On macOS, we recommend the Homebrew package manager once installed just run brew install redis stunnel and you'll be good to run the script. the script closes down the stunnel session.īefore doing this, of course, you'll need to install the stunnel and redis-cli commands. When the user exits the redis-cli session. Here you can see stunnel starting up and making the connection and letting the user interact through redis-cli.
All you need to pass to the script is the connection string for a deployment and the script does the rest.
#Stunnel windows configuration download#
Download it and chmod u+x stunredis.sh to make the script executable. You'll find the script and associated files to download in the ibm-watson-data-lab/stunredis Github repository. We've put together a script called stunredis.sh which uses the stunnel utility but in such a way that there's no configuration file. and you may only need to just dive in for a minute to run a couple of commands. Then, for each one, you have to go edit /usr/local/etc/stunnel/nf file and add an entry for that server and allocate a port for that server. The only thing is if you have more than one Redis deployment to work with. The initial solution to that problem is, as we documented at the time, to install and configure the stunnel utility which wraps a connection in a TLS/SSL encryption tunnel and then send the redis-cli connection down that. There's just one problem: the redis-cli command.
#Stunnel windows configuration drivers#
That formula has led to many, if not most Redis drivers and libraries knowing about TLS or supporting the informal "rediss://" protocol. The thing with Redis is there's no out of the box TLS/SSL support but there is a community formula - using a TLS/SSL enabled proxy in front of the database server - to provide that functionality. When we introduced TLS/SSL connections to Redis at Compose we knew we would have some explaining and teaching to do. If you have TLS/SSL secured Redis, you'll want this. Introducing stunredis, a script to turn the trickiness of configuring a TLS/SSL tunnel for Redis into an automated breeze, and showing you how the magic is done.
#Stunnel windows configuration how to#
How to stunnel to Redis on-demand with stunredis redis tls compose Free 30 Day Trial
0 kommentar(er)
