微信小程序后台请求越来越严格

1.request要求用https

2.websocket要求用wss

3.测试后发现websocket只能走433端口

作为.net开发,websocket又是使用的第三方平台,这个时候https绑定ssl会占用433端口,导致第三方平台websocket无法使用

最开始想,IIS使用80端口,websocket使用433,但是433被iis站点绑定的https占用,导致Nginx无法监听433

然后索性IIS弃用80端口和433端口,卸载掉IIS7/8的SSL证书,换用Nginx的SSL证书,

然后IIS建立的站点端口修改为非80,433端口,换为其他,如:8080

最后在Nginx中添加反向代理,针对https80端口的,指向IIS8080端口,针对wss的,指向第三方websocket

Nginx代理设置如下,我自己用的是奥点云websocket

upstream mqtt {

  #奥点云地址
  server mqtt.dms.aodianyun.com:8000;
}

# HTTPS server
#
server {
  listen80;
  listen 443 ssl;
  server_namelocalfind.cn;

  #sslon;
  ssl_certificate D:\path\my.pem;
  ssl_certificate_key D:\path\my.key;
  ssl_session_timeout 5m;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
  ssl_prefer_server_ciphers on;

  #ssl_session_cache builtin:1000 shared:SSL:5m;
  #ssl_buffer_size 1400;
  #add_header Strict-Transport-Security max-age=15768000;
  #ssl_stapling on;
  #ssl_stapling_verify on;

  location /dictionaries {
    proxy_pass http://mywebsite.cn:8080/dictionaries/;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }

  location /mqtt {
    proxy_pass http://mqtt;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
  }
}

05-02 09:21