一尘不染

Socket.io + NodeJS + Nginx + SSL

node.js

使用Nginx时,我的套接字无法连接。我的配置文件是:

server {
    listen 80;
    return 301 https://$host$request_uri;
}

server {
    listen 443;
    server_name mysite.com

    ssl     on;
    ssl_certificate      /etc/nginx/ssl/server.crt;
    ssl_certificate_key  /etc/nginx/ssl/server.key;

    ssl_protocols        TLSv1.2 TLSv1.1 TLSv1;
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'kEECDH+ECDSA+AES128 kEECDH+ECDSA+AES256 kEECDH+AES128 kEECDH+AES256 kEDH+AES128 kEDH+AES256 DES-CBC3-SHA +SHA !aNULL !eNULL !LOW !MD5 !EXP !DSS !PSK !SRP !kECDH !CAMELLIA !RC4 !SEED';

    ssl_session_cache   shared:SSL:10m;
    ssl_session_timeout 10m;

    keepalive_timeout   70;

    access_log /var/log/nginx/dash.log;

    # pass the request to the node.js server
    location / {
        proxy_set_header   Host $host;
        proxy_set_header   X-Real-IP $remote_addr;
        proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header   X-Forwarded-Host $server_name;
        proxy_set_header   X-Forwarded-Proto $scheme;
        proxy_set_header X-NginX-Proxy true;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        add_header  Front-End-Https   on;

        proxy_pass         https://127.0.0.1:8081;
        proxy_redirect     off;

    }
}

我的NodeJS是:

// Setup servers
var app = express();
var HTTPSOptions = {
    cert: fs.readFileSync(config.ssl.server_cert),
    key: fs.readFileSync(config.ssl.server_key),
    requestCert: false,
    rejectUnauthorized: false,
    passphrase: config.ssl.server_password
};
HTTPSOptions.agent = new https.Agent(HTTPSOptions);

io = io.listen(server, {
    log: false
});

io.sockets.on('connection', function (sock) {
    console.log("CONNECTED");
});

var httpsServer = https.createServer(HTTPSOptions, app);

我的客户是

var socket = io.connect('https://localhost',  {secure: true});
socket.on('connect', function () {
    console.log("CONNECTED HERE TOO");
});

不用说,两者都不console.log显示任何东西。我担心Nginx阻止了该请求,而节点却实际上从未收到它?


阅读 216

收藏
2020-07-07

共1个答案

一尘不染

好像缺少了 listen 443 **ssl** ;

2020-07-07