与Nginx和Express的Socket.io SSL连接

本文介绍了与Nginx和Express的Socket.io SSL连接的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！

问题描述

我试图在运行带有express和nginx的socket.io的应用程序上使用SSL，但是我无法使其正常工作.我已经完成了研究，但发现没有任何效果.

I am trying to use SSL on my application running socket.io with express and nginx but I can't make it work. I have done my research but none of what I found worked.

我一直遇到错误:ERR_CONNECTION_CLOSED，客户端没有http状态代码.

I keep having the error : ERR_CONNECTION_CLOSED with not http status code on client side.

GET https://subdomain.mywebsite.com:1339/socket.io/?EIO=3&transport=polling&t=LIgxHmz net::ERR_CONNECTION_CLOSED

这是我的nginx配置:

Here is my nginx configuration :

server {
listen 443;
server_name subdomain.mywebsite.com;

root /usr/share/nginx/html;
index index.html index.htm;

ssl on;
# Use certificate and key provided by Let's Encrypt:
ssl_certificate /etc/letsencrypt/live/subdomain.mywebsite.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/subdomain.mywebsite.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

location / {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;

    proxy_pass http://localhost:1339/;
    proxy_redirect off;

    # Socket.IO Support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

这是服务器端:

var express = require('express'),

var app = express();

var server = require('http').createServer(app);
var io = require('socket.io')(server);

server.listen(1339);

...

这是客户端:subdomain.mywebsite.com

Here is the client side :subdomain.mywebsite.com

var socket = io.connect("https://subdomain.mywebsite.com:1339");

该页面加载良好，服务器端无错误，但未连接到socket.io.在我尝试切换到SSL之前，一切都工作正常.

The page loads nicely, no error on server side but no connection to socket.io.Everything worked flawlessly before I tried to switch to SSL.

我在做什么错了?

推荐答案

尝试此配置.请确保拥有正确的SSL证书和密钥.如果您在本地进行测试，则可以轻松地使用 mkcert 工具生成用于本地测试的SSL证书.

Try this configuration. Please make sure to have a correct SSL certificate and key. If you test on local you can easily use mkcert tool to generate SSL certificate to local testing.

server {
   listen 80;
   server_name <your server_name>;
   return 301 https://<your server_name>$request_uri;
}

server {
   listen 443 ssl;


   ssl_certificate <your certificate path>;  # better if you put them at /etc/nginx/ssl/
   ssl_certificate_key <your certificate_key path >;

   server_name <your server_name>;

   location / {
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $remote_addr;
      proxy_set_header X-Client-Verify SUCCESS;
      proxy_set_header Host $http_host;
      proxy_set_header X-NginX-Proxy true;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
      proxy_pass http://localhost:3000;
      proxy_redirect off;
      proxy_buffering off;
   }
}

这篇关于与Nginx和Express的Socket.io SSL连接的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！