Remote Redis Connection Using Stunnel

Rajeev Ramachandran
Jul 24, 2019

If you connect to a remote Redis server but cannot execute any queries because of a ‘connection reset by peer’ exception, it is because your server is not SSL-aware.

Error — Connection reset by peer

What is Stunnel

Stunnel is a proxy designed to add TLS encryption functionality to existing clients and servers without any changes in the programs’ code.

Installing Stunnel

On Mac

The easiest way to install Stunnel on Mac is to use Homebrew. If you don't have Homebrew, follow the Homebrew installation instructions to install it.
Once you have Homebrew installed, execute the command below from the terminal:

$ brew install stunnel

On Windows

Download the Windows binary file from Stunnel.org. Double-click the executable and install using the default values.

Certificate Configuration

Stunnel requires a pem file, regardless of whether or not the data is used. You can use the automatically generated one if you don’t need to present the key.

Configure Stunnel to use Redis remote server

  1. Go to the stunnel configuration location; on Mac it is /usr/local/etc/stunnel
  2. Edit the stunnel.conf file, or create one if it is not present
  3. Add the details below and save

fips = no
setuid = <<your user id; find it with whoami, or use root>>
setgid = <<your group id; find it by running the id command in your terminal>>
pid = /var/run/stunnel.pid
debug = 7
options = NO_SSLv2
options = NO_SSLv3
[redis-cli]
client = yes
accept = 127.0.0.1:6379
connect = <<your remote redis host name>>:<<your remote redis port>>

  4. Start stunnel

$ stunnel

  5. Connect to your remote Redis server using 127.0.0.1:6379, since you have bound the remote server to localhost

How to Add Multiple Redis Configurations?

Modify your stunnel.conf file as shown below:

fips = no
setuid = <<your user id; find it with whoami, or use root>>
setgid = <<your group id; find it by running the id command in your terminal>>
pid = /var/run/stunnel.pid
debug = 7
options = NO_SSLv2
options = NO_SSLv3
[redis-cli-dev]
client = yes
accept = 127.0.0.1:6379
connect = <<your remote redis host name>>:<<your remote redis port>>
[redis-cli-test]
client = yes
; adding a new port number here
accept = 127.0.0.1:6389
connect = <<your remote redis host name>>:<<your remote redis port>>
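The configurations above encrypt the connection but set none of stunnel's certificate-verification options (verifyChain, verifyPeer, checkHost), and stunnel does not verify the remote certificate unless told to. The following added example, which is not code from the original article, audits a stunnel.conf for client services that skip verification or listen beyond loopback. The host names, the CA path and the 0.0.0.0 listener in the sample are constructed, and the script assumes that options in the global section act as defaults for every service.

```python
# Added example: audit stunnel.conf client services for missing server authentication.
SAMPLE_CONF = """\
; constructed sample: same layout as the article's two-service config
[redis-cli-dev]
client = yes
accept = 127.0.0.1:6379
connect = redis-dev.example.internal:6380
[redis-cli-test]
client = yes
accept = 0.0.0.0:6389
connect = redis-test.example.internal:6380
verifyChain = yes
CAfile = /usr/local/etc/stunnel/ca.pem
checkHost = redis-test.example.internal
"""
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def parse(text):
    """Return (global_opts, {service: opts}); option names are lower-cased."""
    glob, services, cur = {}, {}, None
    for line in map(str.strip, text.splitlines()):
        if not line or line.startswith(";"):      # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            cur = services.setdefault(line[1:-1], {})
            continue
        key, _, val = line.partition("=")
        (glob if cur is None else cur)[key.strip().lower()] = val.strip()
    return glob, services

def audit(text):
    """Return [(service, finding)] for every client-mode service."""
    glob, services = parse(text)
    findings = []
    for name, opts in services.items():
        eff = {**glob, **opts}      # assumption: global options are service defaults
        if eff.get("client", "no").lower() != "yes":
            continue
        chain = eff.get("verifychain", "").lower() == "yes" or eff.get("verify") == "2"
        pinned = eff.get("verifypeer", "").lower() == "yes" or eff.get("verify") in ("3", "4")
        if not (chain or pinned):
            findings.append((name, "server certificate is not verified"))
        elif not pinned and not ({"checkhost", "checkip"} & eff.keys()):
            findings.append((name, "certificate host name is not checked"))
        if eff.get("accept", "").rpartition(":")[0] not in LOOPBACK:
            findings.append((name, "listener is not bound to loopback"))
    return findings

if __name__ == "__main__":
    print(*(f"{svc}: {msg}" for svc, msg in audit(SAMPLE_CONF)), sep="\n")
```

A service that reports no findings has verifyChain (or a pinned peer certificate) together with checkHost or checkIP, and accepts only on a loopback address.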
