Nginx配置WSS

Question

Nginx配置WSS

我在通过WSS连接到我的服务器时遇到问题.我按照以下文章使用websockets设置nginx:http://www.letseehere.com/reverse-proxy-web-sockets

以下是我的nginx配置,它提供Play!应用:

#user  nobody;
worker_processes  1;  

error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

tcp {

     upstream websockets {
      ## Play! WS location
       server 127.0.0.1:9000;
     }    

    server {
        listen 80; 
        listen 8000;
        server_name socket.domain.com;

        tcp_nodelay on; 
        proxy_pass websockets;
        proxy_send_timeout 300;
    }   

     # virtual hosting
     #include /usr/local/nginx/vhosts/*;
}

http {

  server {
        listen 443 ssl;
        server_name socket.artoo.in;

        ssl_certificate      /usr/local/nginx/key/socket.domain.com.crt;
        ssl_certificate_key  /usr/local/nginx/key/socket.domain.com.key;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers   on;

        location / {
            proxy_pass http://127.0.0.1:9000;
        }
  }
}

Run Code Online (Sandbox Code Playgroud)

当服务器上访问http://socket.domain.com,https://socket.domain.com,WS://socket.domain.com但不是WSS://socket.domain.com

Answer 1

cro*_*ies 5

我能够以问答形式整理一份指南，向您展示如何使用 NGINX 模块完成所有这些工作，更容易;)

NGINX 反向代理 websockets 并启用 SSL (wss://)？

您将需要重建 NGINX 并按照上述问题中的配置进行操作。

Answer 2

Sam*_*gal 4

我至少已经通过使用 stunnel 解决了短期问题（参考这篇文章：http://www.darkcoding.net/software/proxy-socket-io-and-nginx-on-the-same-port-over -ssl/）。

Stunnel 可以将 HTTPS 转换为 HTTP，并通过该令牌将 WSS 转换为 WS。Nginx 像往常一样为在 9000 端口上运行的套接字应用程序提供服务：

/etc/stunnel/stunnel.conf

[https]
accept  = 443
connect = 80 
TIMEOUTclose = 0

Run Code Online (Sandbox Code Playgroud)

/usr/local/nginx/conf/nginx.conf

#user  nobody;
worker_processes  1;  

error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;

events {
    worker_connections  1024;
}

tcp {

     upstream websockets {
      ## Play! WS location
       server 127.0.0.1:9000;
       check interval=3000 rise=2 fall=5 timeout=1000;
     }    

    server {
        listen 80; 
        listen 8000;
        server_name socket.artoo.in;

        tcp_nodelay on; 
        proxy_pass websockets;
        proxy_send_timeout 300;

    }   

     # virtual hosting
     #include /usr/local/nginx/vhosts/*;
}

#http {
#
#  server {
#        listen 443 ssl;
#        server_name socket.artoo.in;
#
#        ssl_certificate      /usr/local/nginx/key/socket.domain.com.crt;
#        ssl_certificate_key  /usr/local/nginx/key/socket.domain.com.key;
#
#        ssl_session_timeout  5m;
#
#        ssl_protocols  SSLv2 SSLv3 TLSv1;
#        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
#        ssl_prefer_server_ciphers   on;
#
#        location / {
#            proxy_pass http://127.0.0.1:9000;
#        }
#  }
#}

Run Code Online (Sandbox Code Playgroud)

现在我唯一需要担心的是如何增加 nginx 上 websockets 的超时时间，连接似乎每 75 秒就会中断一次（nginx 默认）。

归档时间：	13 年，7 月前
查看次数：	33581 次
最近记录：	13 年，3 月前