Connecting to Azure Cache (Redis) with redis-cli and stunnel

Jordan Lee
Dec 17, 2020

If you’re using Azure Cache for Redis (managed Redis instances in Azure), chances are it’s set up for SSL-only connections.

In this case, you’ll find that any commands you send over redis-cli end up timing out:

redis-cli -h digital-test.redis.cache.windows.net -p 6380 -a [password]
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
digital-test.redis.cache.windows.net:6380> ping
Error: Server closed the connection
(233.57s)

This is because redis-cli doesn’t work with SSL connections. To get around this, you have the following options:

  • Disable SSL-only configuration (not recommended due to security concerns)
  • Connect using the Azure console
  • Use stunnel to tunnel your Redis connection over a TLS connection

The first two options require logging in to the Azure Portal and a high level of permissions, which you may not have (depending on whether Redis in your environment is managed by another team).

So I tend towards option 3 — stunnel with redis-cli.

Here’s how to set it up on Ubuntu (I’m using WSL2 on Windows 10).

1. Install required packages

Install stunnel and redis-tools (if not already installed)

# Update your system
sudo apt-get update
sudo apt-get upgrade -y
# Install stunnel and redis-tools (redis-cli)
sudo apt-get install stunnel4 redis-tools

2. Configure stunnel to connect to Azure Cache

Create a new stunnel configuration:

sudo vim /etc/stunnel/azure-cache.conf

Add the following:

pid = /tmp/stunnel.pid
delay = yes
[redis-cli]
client = yes
accept = 127.0.0.1:8000
connect = digital-test.redis.cache.windows.net:6380

  • pid: the file in which stunnel stores its process ID (pid).
  • delay = yes: stunnel delays the DNS lookup for the connect address instead of caching the IP address at startup.
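
The configuration above encrypts the connection, but a stunnel client service does not check the server's certificate unless verifyChain and checkHost are set. The following is an added example, not part of the original post: it puts the page's configuration next to a variant with verification enabled and includes a small audit function (audit_stunnel_conf, a hypothetical helper name) that flags client services missing those options. It assumes Ubuntu's system CA bundle path.

```shell
#!/usr/bin/env bash
# Configuration from this page: encrypted, but the server certificate is never checked.
page_conf() {
  cat <<'EOF'
pid = /tmp/stunnel.pid
delay = yes
[redis-cli]
client = yes
accept = 127.0.0.1:8000
connect = digital-test.redis.cache.windows.net:6380
EOF
}

# Same service with verification added. Assumption: Ubuntu's system CA bundle
# path, and a server certificate that chains to a CA in that bundle.
hardened_conf() {
  page_conf
  cat <<'EOF'
verifyChain = yes
CAfile = /etc/ssl/certs/ca-certificates.crt
checkHost = digital-test.redis.cache.windows.net
EOF
}

# audit_stunnel_conf (hypothetical helper): reads a stunnel config on stdin,
# prints every client service lacking verifyChain = yes plus checkHost, and
# returns 1 if any is found. Defaults set before the first [section] are ignored.
audit_stunnel_conf() {
  awk '
    function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
    function report() { if (name != "" && client && !(chain && host)) { print name; bad = 1 } }
    /^[ \t]*[;#]/ { next }                      # comment line
    /^[ \t]*\[/ {                               # start of a new [service]
      report(); name = trim($0); gsub(/^\[|\].*$/, "", name)
      client = chain = host = 0; next
    }
    index($0, "=") {
      key = tolower(trim(substr($0, 1, index($0, "=") - 1)))
      val = tolower(trim(substr($0, index($0, "=") + 1)))
      if (key == "client")      client = (val == "yes")
      if (key == "verifychain") chain  = (val == "yes")
      if (key == "checkhost")   host   = (val != "")
    }
    END { report(); exit bad }'
}

page_conf | audit_stunnel_conf || echo "(listed above: client services that do not verify the server)"
hardened_conf | audit_stunnel_conf && echo "hardened config: verification enabled"
```

After adding the three options to /etc/stunnel/azure-cache.conf, restart stunnel (sudo service stunnel4 restart) so they take effect.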

3. Start stunnel and connect

You’re now ready to start tunneling redis-cli connections over stunnel:

# Start stunnel
sudo service stunnel4 start
# Connect to redis through stunnel
redis-cli -h localhost -p 8000 -a [yourpassword]
# Test!
Warning: Using a password with '-a' or '-u' option on the command line interface may not be safe.
localhost:8000> ping
PONG
localhost:8000> set abc 123 EX 20
OK
localhost:8000> get abc
"123"
