egg-socked.io客户端访问服务端时,会在端口号或ip后增加:
socket.io/?EIO=3&transport=polling字样,
服务器ip绑定的域名如果分配给了多个服务去使用,那么通过访问路径去配置egg-socket.io访问设置,多半不会成功,起码我没有成功。我解决egg-socket.io中wss访问失败方法如下
1、为egg-socket.io重新申请了一个二级域名
2、申请ssl证书
3、配置nginx
server {
#SSL 访问端口号为 443
listen 443 ssl;
#填写绑定证书的域名
server_name xxx.xxx.xxx;
#ssl on;
#证书文件名称
ssl_certificate /etc/nginx/cpem/7094410_xxx.xxx.xxx.pem;
#私钥文件名称
ssl_certificate_key /etc/nginx/cpem/7094410_xxx.xxx.xxxkey;
ssl_session_timeout 5m;
#请按照以下协议配置
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
#请按照以下套件配置,配置加密套件,写法遵循 openssl 标准。
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_verify_client off;
location/{
proxy_pass http://wssapi; # 转发
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
upstream wssapi { //与server同级
server 127.0.0.1:7161;
}
server{
listen 80;
server_name xxx.xxx.xxx;
location/{
proxy_pass http://127.0.0.1:7161;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
网友评论