保护节点Redis [英] Securing Node Redis
问题描述
我正在尝试保护 Node Redis IPC 服务器以使用私钥/公钥.我遵循了 本教程 使用 stunnel
将 Redis 使用的隧道包装在 SSL 层下.
I'm trying to secure the Node Redis IPC server to use a private/public key. I've followed this tutorial which uses stunnel
which wraps the tunnel used by Redis under a SSL layer.
该示例不适用于 Node,但它确实保护了连接,并且只有在我的配置文件中包含认证时我才能连接到服务器,否则连接将被重置.
The example is not for Node, but it does secure the connection, and I only can connect to the server if I include the certification in my config file, otherwise the connection is reseted.
但是,我无法用 NodeJS 复制它.在我的服务器计算机上,我有:
However, I cannot replicate this with NodeJS. On my server computer, I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.publish('instances', 'start');
我在我的客户端计算机上有:
And my on my client computer I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.subscribe('instances');
client.on('message', function (channel, message) {
console.log("Got message " + message + " from channel " + channel);
})
但是,无论我是否在 stunnel
配置文件中包含认证,这两个设备都会进行通信.如何确保此连接的安全?
But, the two devices communicate whether or not I include the certification in my stunnel
config file. How can I secure this connection up?
干杯
推荐答案
你可以通过在创建客户端时传入 tls 配置来做到这一点
You can do this by passing in the tls configuration when creating the client like so
var redis = require("redis");
var client = redis.createClient(6380,'location.of.server', {auth_pass: 'password', tls: {servername: 'location.of.server'}});
这篇关于保护节点Redis的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!