I'm trying to secure the Node Redis IPC server to use a private/public key. I've followed this tutorial which uses stunnel which wraps the tunnel used by Redis under a SSL layer.
The example is not for Node, but it does secure the connection, and I only can connect to the server if I include the certification in my config file, otherwise the connection is reseted.
However, I cannot replicate this with NodeJS. On my server computer, I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.publish('instances', 'start');
And my on my client computer I have:
var redis = require('redis');
var client = redis.createClient();
client.auth('myPassword');
client.subscribe('instances');
client.on('message', function (channel, message) {
console.log("Got message " + message + " from channel " + channel);
})
But, the two devices communicate whether or not I include the certification in my stunnel config file. How can I secure this connection up?
Cheers
You can do this by passing in the tls configuration when creating the client like so
var redis = require("redis");
var client = redis.createClient(6380,'location.of.server', {auth_pass: 'password', tls: {servername: 'location.of.server'}});