保护节点Redis [英] Securing Node Redis

问题描述

我正在尝试保护 Node Redis IPC 服务器以使用私钥/公钥.我遵循了 本教程 使用 stunnel 将 Redis 使用的隧道包装在 SSL 层下.

I'm trying to secure the Node Redis IPC server to use a private/public key. I've followed this tutorial which uses stunnel which wraps the tunnel used by Redis under a SSL layer.

该示例不适用于 Node，但它确实保护了连接，并且只有在我的配置文件中包含认证时我才能连接到服务器，否则连接将被重置.

The example is not for Node, but it does secure the connection, and I only can connect to the server if I include the certification in my config file, otherwise the connection is reseted.

但是，我无法用 NodeJS 复制它.在我的服务器计算机上，我有:

However, I cannot replicate this with NodeJS. On my server computer, I have:

var redis = require('redis'); 
var client = redis.createClient();

client.auth('myPassword');
client.publish('instances', 'start');

我在我的客户端计算机上有:

And my on my client computer I have:

var redis = require('redis');
var client = redis.createClient();

client.auth('myPassword');
client.subscribe('instances');
client.on('message', function (channel, message) {
  console.log("Got message " + message + " from channel " + channel);
})

但是，无论我是否在 stunnel 配置文件中包含认证，这两个设备都会进行通信.如何确保此连接的安全?

But, the two devices communicate whether or not I include the certification in my stunnel config file. How can I secure this connection up?

干杯

推荐答案

你可以通过在创建客户端时传入 tls 配置来做到这一点

You can do this by passing in the tls configuration when creating the client like so

var redis = require("redis");

var client = redis.createClient(6380,'location.of.server', {auth_pass: 'password', tls: {servername: 'location.of.server'}});

这篇关于保护节点Redis的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！