我在配置nginx和节点以支持基于SSL的socket.io时遇到问题。nginx,使用SSL的node.js + socket.io
我的nginx的配置:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen 80;
listen 443 ssl;
listen [::]:80;
listen [::]:443 ssl;
access_log /var/log/nginx/livetest.log;
server_name live-test.dev www.live-test.dev;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 5m;
if ($ssl_protocol = "") {
rewrite^https://$host$request_uri? permanent;
}
location/{
proxy_pass https://live_test;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
}
live_test上游是在端口6020上运行。当在Chrome测试它在投票日停止与node.js的(失败)状态。当使用wscat:
wscat --connect WSS://live-test.dev
我收到: error: Error: self signed certificate
我想知道什么可能是错误的吗?这是我的node.js应用程序:
var express = require('express');
var cookie = require('cookie');
var app = express();
var http = require('http').Server(app);
var socketIo = require('socket.io');
var redis = require('redis');
var redisClient = client = redis.createClient();
io.on('connection', function(socket){
var cookies = cookie.parse(socket.handshake.headers.cookie);
console.log(cookies);
});
http.listen(6020, function(){
console.log('listening on 6020');
});
我有一种感觉,我在我的node.js应用程序中缺少的东西。我认为,既然nginx处理SSL node.js不再需要,但也许我错了。
是的,我正在使用SSL的自签名证书。 node.js/socket.io会使用自签名证书吗?
@UPDATE
经过一些阅读中,我改变了我的Node.js应用:
var express = require('express');
var cookie = require('cookie');
var fs = require('fs');
var app = express();
var https = require('https').Server(app, {
key: fs.readFileSync('/etc/nginx/ssl/nginx.key'),
cert: fs.readFileSync('/etc/nginx/ssl/nginx.crt'),
});
var socketIo = require('socket.io');
var redis = require('redis');
var redisClient = client = redis.createClient();
var io = new socketIo(https);
io.on('connection', function(socket){
var cookies = cookie.parse(socket.handshake.headers.cookie);
console.log(cookies);
});
https.listen(6020, function(){
console.log('listening on 6020');
});
@ UPDATE2
继abcdn我曾尝试与-n标志wscat的评论,现在越来越错误: error: Error: unexpected server response (502)
while nginx error.log contains: 2017/03/07 13:44:10 [error] 10556#10556: *140 upstream prematurely closed connection while reading response header from upstream
@UPDATE 3
进一步阅读后,我把我的app.js回到HTTP。
你试过'wscat -n',即'wscat --no-check' - 跳过证书测试吗? – abcdn
@abcdn我刚刚尝试了一下,更新了我的问题 – user1970395
@abcdn我相信这意味着nginx正确处理请求,并且它的节点失败了吗? – user1970395