nginx，使用SSL的node.js + socket.io

Question

我在配置nginx和节点以支持基于SSL的socket.io时遇到问题。

我的nginx的配置：

map $http_upgrade $connection_upgrade { 
    default upgrade; 
    ''  close; 
} 

server { 
    listen 80; 
    listen 443 ssl; 
    listen [::]:80; 
    listen [::]:443 ssl; 

    access_log /var/log/nginx/livetest.log; 
    server_name live-test.dev www.live-test.dev; 

    ssl_certificate /etc/nginx/ssl/nginx.crt; 
    ssl_certificate_key /etc/nginx/ssl/nginx.key; 
    ssl_session_cache shared:SSL:50m; 
    ssl_session_timeout 5m; 

    if ($ssl_protocol = "") { 
     rewrite^https://$host$request_uri? permanent; 
    } 

    location/{ 
     proxy_pass https://live_test; 
     proxy_http_version 1.1; 
     proxy_set_header Upgrade $http_upgrade; 
     proxy_set_header Connection $connection_upgrade; 
    } 
} 

live_test上游是在端口6020上运行。当在Chrome测试它在投票日停止与node.js的（失败）状态。当使用wscat：

wscat --connect WSS：//live-test.dev

我收到： error: Error: self signed certificate

我想知道什么可能是错误的吗？这是我的node.js应用程序：

var express = require('express'); 
var cookie = require('cookie'); 
var app = express(); 
var http = require('http').Server(app); 
var socketIo = require('socket.io'); 
var redis = require('redis'); 
var redisClient = client = redis.createClient(); 

io.on('connection', function(socket){ 
    var cookies = cookie.parse(socket.handshake.headers.cookie); 

    console.log(cookies); 
}); 

http.listen(6020, function(){ 
    console.log('listening on 6020'); 
}); 

我有一种感觉，我在我的node.js应用程序中缺少的东西。我认为，既然nginx处理SSL node.js不再需要，但也许我错了。

是的，我正在使用SSL的自签名证书。 node.js/socket.io会使用自签名证书吗？

@UPDATE

经过一些阅读中，我改变了我的Node.js应用：

var express = require('express'); 
var cookie = require('cookie'); 
var fs = require('fs'); 
var app = express(); 
var https = require('https').Server(app, { 
    key: fs.readFileSync('/etc/nginx/ssl/nginx.key'), 
     cert: fs.readFileSync('/etc/nginx/ssl/nginx.crt'), 
}); 
var socketIo = require('socket.io'); 
var redis = require('redis'); 
var redisClient = client = redis.createClient(); 

var io = new socketIo(https); 

io.on('connection', function(socket){ 
    var cookies = cookie.parse(socket.handshake.headers.cookie); 

    console.log(cookies); 
}); 

https.listen(6020, function(){ 
    console.log('listening on 6020'); 
}); 

@ UPDATE2

继abcdn我曾尝试与-n标志wscat的评论，现在越来越错误： error: Error: unexpected server response (502)

while nginx error.log contains： 2017/03/07 13:44:10 [error] 10556#10556: *140 upstream prematurely closed connection while reading response header from upstream

@UPDATE 3

进一步阅读后，我把我的app.js回到HTTP。

Answer 1

var fs = require('fs'); 
 
var app = require('express')(); 
 
var https  = require('https'); 
 
var io = require('socket.io')(https); 
 
var HTTPSOptions = { 
 
    cert: fs.readFileSync('path to ssl certificate file'), 
 
    key: fs.readFileSync('path to ssl key file'), 
 
    requestCert: false, 
 
    rejectUnauthorized: false, 
 
}; 
 
HTTPSOptions.agent = new https.Agent(HTTPSOptions); 
 
var httpsServer = https.createServer(HTTPSOptions, app); 
 
io = io.listen(httpsServer, { 
 
    log: false 
 
}); 
 

 
//io.sockets.on('connection', function (sock) { 
 
// console.log("CONNECTED"); 
 
//}); 
 

 
var Redis = require('ioredis'); 
 
var redis = new Redis(); 
 

 
redis.psubscribe('*', function() {}); 
 

 
redis.on('pmessage', function (subscribed, channel, message) { 
 
    console.log("channel: " + channel); 
 
    console.log("message: " + message); 
 
    message = JSON.parse(message); 
 
    io.emit(channel + ':' + message.event, message.data); 
 
}); 
 

 
httpsServer.listen(6001, function(){ 
 
    console.log('Listening on Port 6001'); 
 
});

我花了3天找到了一个解决方案，这是我的完美的作品最终版本。我希望它可以帮助任何像我一样陷入困境的人:)