我已经用这些指令在数字海洋上创建了一个redis服务器
https://www.digitalocean.com/community/tutorials/how-to-encrypt-traffic-to-redis-with-stunnel-on-ubuntu-16-04
我正试图用一个简单的C控制台应用程序连接到它
using System;
using StackExchange.Redis;
using System.Security.Cryptography.X509Certificates;
namespace TestingRedis
{
class Program
{
static void Main(string[] args)
{
var configurationOptions = new ConfigurationOptions
{
EndPoints = { "PUBLIC IP:6379" },
Ssl = true,
//AbortOnConnectFail = false
};
configurationOptions.CertificateSelection += OptionsOnCertificateSelection;
var redis = ConnectionMultiplexer.Connect(configurationOptions);
var db = redis.GetDatabase();
string test = "Yes it works";
db.StringSet("hello", test);
string testRetrieve = db.StringGet("hello");
Console.WriteLine(testRetrieve);
Console.ReadLine();
}
private static X509Certificate OptionsOnCertificateSelection(object s, string t, X509CertificateCollection local, X509Certificate remote, string[] a)
{
return new X509Certificate2(@"C:\redis-server.crt");
}
}
}
每当我尝试连接时,都会引发以下异常
附加信息:无法连接到redis服务器;若要创建断开连接的多路复用器,请禁用abortonconnectfail。ping上的身份验证失败
运行netstat-plunt时,可以看到stunnel正在监听。
这里是stunnel配置信息
pid = /run/stunnel-redis.pid
[redis-server]
cert = /etc/stunnel/redis-server.crt
key = /etc/stunnel/redis-server.key
accept = PUBLIC IP:6379
connect = 127.0.0.1:6379
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 PUBLIC IP:6379 0.0.0.0:* LISTEN 13736/stunnel4
最佳答案
为stunnel创建自签名证书时,我将组织名和公用名设置为redis服务器的公用ip地址。这就解决了连接问题。
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:PUBLIC IP
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:PUBLIC IP
Email Address []:
关于c# - 使用StackExchange.Redis和stunnel在Redis上创建SSL连接,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/46022944/