我在配置nginx和節點以支持基於SSL的socket.io時遇到問題。nginx,使用SSL的node.js + socket.io
我的nginx的配置:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen 443 ssl;
listen [::]:80;
listen [::]:443 ssl;
access_log /var/log/nginx/livetest.log;
server_name live-test.dev www.live-test.dev;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
if ($ssl_protocol = "") {
rewrite^https://$host$request_uri? permanent;
}
location/{
proxy_pass https://live_test;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
live_test上游是在端口6020上運行。當在Chrome測試它在投票日停止與node.js的(失敗)狀態。當使用wscat:
wscat --connect WSS://live-test.dev
我收到: error: Error: self signed certificate
我想知道什麼可能是錯誤的嗎?這是我的node.js應用程序:
var express = require('express');
var cookie = require('cookie');
var app = express();
var http = require('http').Server(app);
var socketIo = require('socket.io');
var redis = require('redis');
var redisClient = client = redis.createClient();
io.on('connection', function(socket){
var cookies = cookie.parse(socket.handshake.headers.cookie);
console.log(cookies);
});
http.listen(6020, function(){
console.log('listening on 6020');
});
我有一種感覺,我在我的node.js應用程序中缺少的東西。我認爲,既然nginx處理SSL node.js不再需要,但也許我錯了。
是的,我正在使用SSL的自簽名證書。 node.js/socket.io會使用自簽名證書嗎?
@UPDATE
經過一些閱讀中,我改變了我的Node.js應用:
var express = require('express');
var cookie = require('cookie');
var fs = require('fs');
var app = express();
var https = require('https').Server(app, {
key: fs.readFileSync('/etc/nginx/ssl/nginx.key'),
cert: fs.readFileSync('/etc/nginx/ssl/nginx.crt'),
});
var socketIo = require('socket.io');
var redis = require('redis');
var redisClient = client = redis.createClient();
var io = new socketIo(https);
io.on('connection', function(socket){
var cookies = cookie.parse(socket.handshake.headers.cookie);
console.log(cookies);
});
https.listen(6020, function(){
console.log('listening on 6020');
});
@ UPDATE2
繼abcdn我曾嘗試與-n標誌wscat的評論,現在越來越錯誤: error: Error: unexpected server response (502)
while nginx error.log contains: 2017/03/07 13:44:10 [error] 10556#10556: *140 upstream prematurely closed connection while reading response header from upstream
@UPDATE 3
進一步閱讀後,我把我的app.js回到HTTP。
你試過'wscat -n',即'wscat --no-check' - 跳過證書測試嗎? – abcdn
@abcdn我剛剛嘗試了一下,更新了我的問題 – user1970395
@abcdn我相信這意味着nginx正確處理請求,並且它的節點失敗了嗎? – user1970395