使用StackExchange.Redis和stunnel在Redis上创建SSL连接

Question

I have created a Redis server on Digital ocean using these instructions 我已按照以下说明在Digital ocean上创建了Redis服务器

https://www.digitalocean.com/community/tutorials/how-to-encrypt-traffic-to-redis-with-stunnel-on-ubuntu-16-04 https://www.digitalocean.com/community/tutorials/how-to-encrypt-traffic-to-redis-with-stunnel-on-ubuntu-16-04

I am attempting to connect to it with a simple C# console application 我试图通过一个简单的C＃控制台应用程序连接到它

using System;
using StackExchange.Redis;
using System.Security.Cryptography.X509Certificates;


namespace TestingRedis
{
    class Program
    {
        static void Main(string[] args)
        {

            var configurationOptions = new ConfigurationOptions
            {
                EndPoints = { "PUBLIC IP:6379" },
                Ssl = true,
                //AbortOnConnectFail = false

            };

            configurationOptions.CertificateSelection += OptionsOnCertificateSelection;

            var redis = ConnectionMultiplexer.Connect(configurationOptions);
            var db = redis.GetDatabase();

            string test = "Yes it works";
            db.StringSet("hello", test);

            string testRetrieve = db.StringGet("hello");
            Console.WriteLine(testRetrieve);
            Console.ReadLine();

        }

        private static X509Certificate OptionsOnCertificateSelection(object s, string t, X509CertificateCollection local, X509Certificate remote, string[] a)
        {
            return new X509Certificate2(@"C:\redis-server.crt");
        }

    }
}

Whenever I attempt to connect the following exception is thrown 每当我尝试连接时，都会引发以下异常

Additional information: It was not possible to connect to the redis server(s); 附加信息：无法连接到Redis服务器。 to create a disconnected multiplexer, disable AbortOnConnectFail. 要创建断开的多路复用器，请禁用AbortOnConnectFail。 AuthenticationFailure on PING PING上的身份验证失败

When running netstat -plunt you can see stunnel is listening. 运行netstat -plunt时，您可以看到stunnel正在监听。

Here us the stunnel config information 这是我们的隧道配置信息

pid = /run/stunnel-redis.pid
[redis-server]
cert = /etc/stunnel/redis-server.crt
key = /etc/stunnel/redis-server.key
accept = PUBLIC IP:6379
connect = 127.0.0.1:6379

Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 PUBLIC IP:6379     0.0.0.0:*               LISTEN      13736/stunnel4

Answer 1

When creating the self signed certificate for stunnel I set the Organization Name and Common Name to the public IP address of my redis server. 为通道创建自签名证书时，我将组织名称和通用名称设置为我的Redis服务器的公共IP地址。 This then solved the connection problem. 这样就解决了连接问题。

Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PUBLIC IP
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:PUBLIC IP
Email Address []:

使用StackExchange.Redis和stunnel在Redis上创建SSL连接

问题描述

1 个解决方案

解决方案1
0 2017-09-03 22:58:59

使用StackExchange.Redis和stunnel在Redis上创建SSL连接

问题描述

1 个解决方案

解决方案1 0 2017-09-03 22:58:59

解决方案1
0 2017-09-03 22:58:59