分布式缓存服务 DCS-Jedis客户端连接Redis(Java):SSL连接配置(可选配置)

时间:2025-01-02 18:45:49

SSL连接配置(可选配置)

当实例开启了SSL并需要通过SSL连接实例时,请使用以下内容替换基于Bean方式配置中构造JedisClientConfiguration的方法clientConfiguration()。Redis实例支持SSL的情况请参考“配置Redis SSL数据加密传输”。

/**
 * Builds the Jedis client configuration used for SSL connections to the Redis instance.
 *
 * <p>Applies the connect and read timeouts, enables pooling with {@code redisPoolConfig()},
 * and switches the connection to SSL with the socket factory returned by
 * {@code getTrustStoreSslSocketFactory()}.
 *
 * @return the assembled client configuration
 * @throws Exception if the SSL socket factory cannot be created
 */
@Bean
public JedisClientConfiguration clientConfiguration() throws Exception {
    JedisClientConfiguration.JedisClientConfigurationBuilder builder =
        JedisClientConfiguration.builder();

    // Timeout fields hold milliseconds (they are passed to Duration.ofMillis).
    builder.connectTimeout(Duration.ofMillis(redisConnectTimeout));
    builder.readTimeout(Duration.ofMillis(redisReadTimeout));

    builder.usePooling().poolConfig(redisPoolConfig());

    // NOTE(review): only the socket factory is set on the SSL builder; no hostnameVerifier or
    // sslParameters is configured. Presumably the server certificate is then validated against
    // the trusted CA but not matched to the host name - confirm for the Jedis version in use and
    // decide whether endpoint identification is required for your deployment.
    builder.useSsl().sslSocketFactory(getTrustStoreSslSocketFactory());

    return builder.build();
}

/**
 * Creates an {@link SSLSocketFactory} whose trust store holds only the CA certificate read
 * from {@code ./ca.crt}.
 *
 * <p>The key store starts empty and receives that single certificate, so trust decisions made
 * through the returned factory rest on this one CA file.
 *
 * @return socket factory backed by the single-CA trust store
 * @throws Exception if the certificate cannot be read or parsed, or the key store, trust
 *     manager factory or TLS context cannot be initialised
 */
private SSLSocketFactory getTrustStoreSslSocketFactory() throws Exception{
    // Load the CA certificate from a custom path; adjust the location to your deployment.
    // "./ca.crt" is a relative path, so it resolves against the process working directory.
    // Whoever can replace that file decides which servers this client trusts, so keep it
    // writable only by trusted accounts.
    CertificateFactory x509Factory = CertificateFactory.getInstance("X.509");
    Certificate caCertificate;
    try (InputStream caStream = new FileInputStream("./ca.crt")) {
        caCertificate = x509Factory.generateCertificate(caStream);
    }

    // Create an empty in-memory key store (load(null, null)) and add the CA as its only entry.
    KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType());
    trustStore.load(null, null);
    trustStore.setCertificateEntry("ca", caCertificate);

    // Build trust managers from that store with the platform's default algorithm.
    TrustManagerFactory tmFactory =
        TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
    tmFactory.init(trustStore);

    // Create the SSLContext; the null first argument means no key managers are supplied here.
    SSLContext tlsContext = SSLContext.getInstance("TLS");
    tlsContext.init(null, tmFactory.getTrustManagers(), new SecureRandom());
    return tlsContext.getSocketFactory();
}
support.huaweicloud.com/usermanual-dcs/dcs-ug-0713005.html