-
-
Notifications
You must be signed in to change notification settings - Fork 614
/
Copy pathredis-ocsp.config
33 lines (33 loc) · 1.18 KB
/
redis-ocsp.config
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
port 0
tls-port 4218
save 60 1
maxmemory-policy noeviction
loglevel warning
# List of renamed commands comes from:
# https://www.digitalocean.com/community/tutorials/how-to-secure-your-redis-installation-on-ubuntu-18-04
rename-command BGREWRITEAOF ""
rename-command BGSAVE ""
rename-command CONFIG ""
rename-command DEBUG ""
rename-command DEL ""
rename-command FLUSHALL ""
rename-command FLUSHDB ""
rename-command KEYS ""
rename-command PEXPIRE ""
rename-command RENAME ""
rename-command SAVE ""
rename-command SHUTDOWN ""
rename-command SPOP ""
rename-command SREM ""
user default off
user rocsp-tool on +@all ~* >e4e9ce7845cb6adbbc44fb1d9deb05e6b4dc1386
user ocsp-responder on +@all ~* >0e5a4c8b5faaf3194c8ad83c3dd9a0dd8a75982b
user boulder-ra on +@all ~* >b3b2fcbbf46fe39fd522c395a51f84d93a98ff2f
user admin-user on +@all ~* >435e9c4225f08813ef3af7c725f0d30d263b9cd3
user unittest-rw on +@all ~* >824968fa490f4ecec1e52d5e34916bdb60d45f8d
masteruser admin-user
masterauth 435e9c4225f08813ef3af7c725f0d30d263b9cd3
tls-protocols "TLSv1.3"
tls-cert-file /test/certs/ipki/redis/cert.pem
tls-key-file /test/certs/ipki/redis/key.pem
tls-ca-cert-file /test/certs/ipki/minica.pem