Ratchet + nginx + SSL / secure websocket

tem*_*uri 17 ssl nginx websocket ratchet

I have been trying to run Ratchet.io over SSL (this question: php ratchet websocket SSL connect?).

My web server runs on myhost.mobi, and I have created a separate virtual host for the websocket service, "wws.myhost.mobi".

My websocket:

<?php
require 'vendor/autoload.php';

// Event loop the socket server is attached to (omitted from the original snippet)
$loop = React\EventLoop\Factory::create();

// $pusher is the application's Ratchet\Wamp\WampServerInterface implementation
$webSock = new React\Socket\Server($loop);
$webSock->listen(8080, '0.0.0.0');
$webServer = new Ratchet\Server\IoServer(
    new Ratchet\Http\HttpServer(
        new Ratchet\WebSocket\WsServer(
            new Ratchet\Wamp\WampServer(
                $pusher
            )
        )
    ),
    $webSock
);

$loop->run();

My nginx config (I am on nginx 1.5.8):

upstream websocketserver {
        server localhost:8080;
}

server {
    server_name wss.myapp.mobi;

    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/myapp-mobi-ssl.crt;
    ssl_certificate_key /etc/ssl/myapp-mobi.key;

    access_log /var/log/wss-access-ssl.log;
    error_log /var/log/wss-error-ssl.log;
    location / {
                proxy_pass http://websocketserver;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_read_timeout 86400; # necessary to avoid websocket timeout disconnect
                proxy_redirect off;
        }
}

My client script:

var conn = new ab.Session('wss://wss.myapp.mobi', function(o) {

    // ...

}, function() {
    console.warn('WebSocket connection closed');
}, {
    skipSubprotocolCheck: true
});

So when I load the page in Firefox, I see an outgoing connection to wss://wss.myapp.mobi:8080/ which hangs (spinner) and never completes or dies. I see no trace of the request reaching the backend in the logs.

What am I missing there?

Thanks!

EDIT I have realised that I should be connecting to wss://wss.myapp.mobi, but now I am getting a "101 Switching Protocols" status.

EDIT 2 Everything now works with the config above. The "101 Switching Protocols" status turned out to be a normal message. Problem solved!

Ren*_*han 7

Looking at the question's edit history, it is clear that the configuration in the question is correct and that temuri was trying to connect from the client with the port set,

upstream websocketserver {
        server localhost:8080;
}

but this code block tells Nginx that there is a tcp server running on port 8080 and gives it the alias websocketserver, while the server running there is not accessible.

Check the following configuration,

server {
    server_name wss.myapp.mobi;

    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/myapp-mobi-ssl.crt;
    ssl_certificate_key /etc/ssl/myapp-mobi.key;

    access_log /var/log/wss-access-ssl.log;
    error_log /var/log/wss-error-ssl.log;
    location / {
                proxy_pass http://websocketserver;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_read_timeout 86400; # necessary to avoid websocket timeout disconnect
                proxy_redirect off;
        }
}

This configuration binds the domain wss.myapp.mobi to port 443, enables ssl and proxies requests to the local websocket server through the proxy_pass directive; the remaining directives handle the connection upgrade.

So the websocket server can be reached from the browser client

// connect through the bound domain
// instead of wss.myapp.mobi:8080, which will not work
var url = 'wss://wss.myapp.mobi';
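An added check for the setup in this answer (example code, not from the question or answer author): it performs the WebSocket opening handshake over TLS against the nginx front end on 443 and confirms that the 101 reply carries the right Sec-WebSocket-Accept, which is what the "101 Switching Protocols" status in the question meant. The host wss.myapp.mobi is the question's own, the sample reply is constructed, and probe() is the only part that touches the network.

```python
import base64
import hashlib
import os
import socket
import ssl

WS_GUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"  # RFC 6455 magic GUID

# Constructed sample reply (the RFC 6455 example key and its accept value).
SAMPLE_KEY = "dGhlIHNhbXBsZSBub25jZQ=="
SAMPLE_101 = (b"HTTP/1.1 101 Switching Protocols\r\nUpgrade: websocket\r\n"
              b"Connection: Upgrade\r\nSec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=\r\n\r\n")

def expected_accept(client_key: str) -> str:
    """Sec-WebSocket-Accept a conforming server must return for this client key."""
    digest = hashlib.sha1((client_key + WS_GUID).encode("ascii")).digest()
    return base64.b64encode(digest).decode("ascii")

def build_handshake(host: str, path: str = "/", client_key: str = "") -> tuple:
    """HTTP/1.1 Upgrade request; nginx only forwards it to Ratchet with the Upgrade headers set."""
    key = client_key or base64.b64encode(os.urandom(16)).decode("ascii")
    request = (f"GET {path} HTTP/1.1\r\nHost: {host}\r\nUpgrade: websocket\r\n"
               f"Connection: Upgrade\r\nSec-WebSocket-Key: {key}\r\n"
               "Sec-WebSocket-Version: 13\r\n\r\n")
    return request.encode("ascii"), key

def check_handshake_response(raw: bytes, client_key: str) -> dict:
    """101 plus Upgrade: websocket plus a matching Accept header means the proxy upgraded the socket."""
    status_line, *header_lines = raw.partition(b"\r\n\r\n")[0].decode("iso-8859-1").split("\r\n")
    parts = status_line.split(" ", 2)
    status = int(parts[1]) if len(parts) > 1 and parts[1].isdigit() else 0
    headers = {}
    for line in header_lines:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    upgrade_ok = headers.get("upgrade", "").lower() == "websocket"
    accept_ok = headers.get("sec-websocket-accept") == expected_accept(client_key)
    return {"status": status, "upgrade_ok": upgrade_ok, "accept_ok": accept_ok,
            "ok": status == 101 and upgrade_ok and accept_ok}

def probe(host: str = "wss.myapp.mobi", port: int = 443, path: str = "/") -> dict:
    """Live check through the TLS-terminating proxy (port 443, never the backend's 8080)."""
    ctx = ssl.create_default_context()  # verifies the certificate chain and the hostname
    with socket.create_connection((host, port), timeout=10) as tcp:
        with ctx.wrap_socket(tcp, server_hostname=host) as tls:
            request, key = build_handshake(host, path)
            tls.sendall(request)
            return check_handshake_response(tls.recv(4096), key)
```

Anything other than ok == True from probe() (a 200 with an HTML body, or a 101 with a wrong Accept value) means the request never reached Ratchet as an upgrade, which is the symptom the question describes.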