0
我部署一個nginx的Web服務有以下配置使用SSL加密連接的nginx的WebSocket
server {
listen 443;
server_name localhost;
root html;
index index.html index.htm;
ssl on;
ssl_certificate /etc/nginx/ssl/current.crt;
ssl_certificate_key /etc/nginx/ssl/current.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES";
ssl_prefer_server_ciphers on;
location/{
proxy_pass http://172.16.9.245:33400;
}
location /csconf/ {
proxy_pass http://172.16.9.245:33200;
}
location /websockets/ {
proxy_pass http://172.16.9.245:33143;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
我的客戶嘗試使用C代碼
.....
const SSL_METHOD *meth = SSLv3_method();
SslCtx = SSL_CTX_new(meth);
SSL_CTX_set_options(SslCtx, SSL_OP_NO_COMPRESSION);
SSL_CTX_set_cipher_list(SslCtx, "RC4-SHA:DEC-CBC3-SHA:DES-CBC-SHA");
.....
int ret = SSL_connect(obj->ssl);
它拋出「錯誤連接到這個網頁套接字:14077410: SSL例程:SSL23_GET_SERVER_HELLO:sslv3警報握手失敗:s23_clnt.c:741:「
爲什麼握手錯誤?請幫我解釋一下這個問題。
感謝