Stunnel a Proxy to ship the log on SSL

Introduction

p { margin-bottom: 0.25cm; line-height: 120%; }a:link { }

Few days ago I got a task to create the SSL connection with logstash redis plug-in with Azure Redis. As we are shipping the logs form the several data center to the Azure Redis. So logs must be shipped on SSL connection. There is no provision to create SSL connection through logstash redis plug-in thats why logstash redis plug-in is not able to make SSL connection with Azure redis.To resolve this problem we have to setup the stunnel as proxy front of the logstash redis plug-in. Stunnel can create SSL connection with Azure redis and Stunnel provide non-ssl connection for the logstash redis plug-in.

p { margin-bottom: 0.25cm; line-height: 120%; }a:link { Azure redis provide two type of connections, SSL on 6380 port and non SSL on 6379 port and also provide primary and secondary key(password).

Installation

Install Stunnel on the ubuntu.

$ sudo apt-get install stunnel  

Configuration

Create a configuration for stunnel /etc/stunnel/stunnel.conf and put the following lines into the configure file.

setuid = root
setgid = root
pid = /var/run/stunnel-azureredis.pid
debug = 7
output = /var/log/stunnel4/azureredis.log
options = NO_SSLv2
options = NO_SSLv3
[azureredis]
accept=127.0.0.1:6379
connect=:6380
client=yes
Timeout idle = 30

p { margin-bottom: 0.25cm; line-height: 120%; }a:link { }

Restart the stunnel4
p { margin-bottom: 0.25cm; line-height: 120%; }a:link { }
$ service stunnel4 restart

Install Redis-cli to test the connection try to ping the redis azure it should reply as PONG

$ redis-cli -a
127.0.0.1:6379> ping
PONG

Now you can make SSL connection with azure redis on SSL.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s