Configuring TLS for Redis


Redis version 7.2.1
Download the source archive

wget https://github.com/redis/redis/archive/7.2.1.tar.gz

Extract it

tar -xzvf 7.2.1.tar.gz
cd redis-7.2.1/

Before compiling, install the OpenSSL development headers (libssl-dev); libsystemd-dev is also needed for the USE_SYSTEMD build option used below

sudo apt install libssl-dev
sudo apt install libsystemd-dev

Compile with TLS and systemd support

make BUILD_TLS=yes USE_SYSTEMD=yes

Install into a directory of your choice (here the user's home directory; installing under a system directory requires fixing ownership and permissions with chmod afterwards)

make PREFIX=~/redis install
cd ~/redis
mkdir conf
mkdir tls
mkdir data

Back in the source directory, generate the test certificates. The script must be run from the source root: it creates tests/tls/ and writes the CA, server, client certificates and the DH parameters there

./utils/gen-test-certs.sh
cp tests/tls/* ~/redis/tls/

Still in the source directory, copy the sample configuration file

cp redis.conf ~/redis/conf/
cd ~/redis/conf/
vim redis.conf

Change the following settings in redis.conf (port 0 disables the plaintext listener, so only the TLS port is served)

bind 0.0.0.0
protected-mode no
port 0
tls-port 6379
tls-cert-file ~/redis/tls/redis.crt
tls-key-file ~/redis/tls/redis.key
tls-client-cert-file ~/redis/tls/client.crt
tls-client-key-file ~/redis/tls/client.key
tls-dh-params-file ~/redis/tls/redis.dh
tls-ca-cert-file ~/redis/tls/ca.crt
dir ~/redis/data

~ must be replaced with the user's real home path; redis-server does not expand it in configuration values
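Added example (not part of the original post): a POSIX sh function that writes the configuration above with `~` already expanded to an absolute prefix, and refuses to proceed when a referenced TLS file is missing, a private key is readable by other users, or the server certificate does not chain to `ca.crt`. The function name and its `render_tls_conf PREFIX OUTFILE` interface are my own.

```shell
#!/bin/sh
# Added example, not part of the original post. render_tls_conf (a name chosen
# here) writes the redis.conf TLS settings shown above using an absolute
# PREFIX, because redis-server does not expand "~" in config values.
# Usage: render_tls_conf /home/ubuntu/redis /home/ubuntu/redis/conf/redis.conf
render_tls_conf() {
    prefix=$1
    out=$2
    tls_dir="$prefix/tls"
    # every file the configuration references must exist
    for f in redis.crt redis.key client.crt client.key redis.dh ca.crt; do
        [ -f "$tls_dir/$f" ] || { echo "missing: $tls_dir/$f" >&2; return 1; }
    done
    # private keys must not be group- or world-readable (GNU stat, as on Ubuntu)
    for k in redis.key client.key; do
        mode=$(stat -c '%a' "$tls_dir/$k")
        case "$mode" in
            600|400) ;;
            *) echo "unsafe mode $mode on $tls_dir/$k" >&2; return 2 ;;
        esac
    done
    # the server certificate must chain to the CA that clients are told to trust
    if command -v openssl >/dev/null 2>&1; then
        openssl verify -CAfile "$tls_dir/ca.crt" "$tls_dir/redis.crt" >/dev/null 2>&1 \
            || { echo "redis.crt is not signed by ca.crt" >&2; return 3; }
    fi
    # same settings as the post, with absolute paths; tls-auth-clients yes is
    # the Redis default and is spelled out here so the requirement is visible
    cat > "$out" <<EOF
bind 0.0.0.0
protected-mode no
port 0
tls-port 6379
tls-cert-file $tls_dir/redis.crt
tls-key-file $tls_dir/redis.key
tls-client-cert-file $tls_dir/client.crt
tls-client-key-file $tls_dir/client.key
tls-dh-params-file $tls_dir/redis.dh
tls-ca-cert-file $tls_dir/ca.crt
tls-auth-clients yes
dir $prefix/data
EOF
}
```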

Start redis

cd ~/redis/bin/
./redis-server ~/redis/conf/redis.conf

Verify TLS. Because tls-auth-clients defaults to yes, redis-cli must present a certificate signed by the CA, otherwise the handshake is rejected

./redis-cli --tls --cert ~/redis/tls/redis.crt --key ~/redis/tls/redis.key --cacert ~/redis/tls/ca.crt
127.0.0.1:6379> set version "1.0"
OK
127.0.0.1:6379> get version
"1.0"

Install as a service: sudo vim /etc/systemd/system/redis.service. Note that the unit below runs redis-server as root; to use a dedicated account, add User= and Group= under [Service] and give that account ownership of ~/redis, including the private keys

[Unit]
Description=Redis data structure server
Documentation=https://redis.io/documentation
# After= only orders the units; Wants= makes sure the target is actually started
Wants=network-online.target
After=network-online.target

[Service]
ExecStart=/home/ubuntu/redis/bin/redis-server /home/ubuntu/redis/conf/redis.conf
LimitNOFILE=10032
NoNewPrivileges=yes
# Type=notify relies on the USE_SYSTEMD=yes build above
Type=notify
TimeoutStartSec=10
TimeoutStopSec=10
UMask=0077

[Install]
WantedBy=multi-user.target