Fatal编程技术网

Javascript SSL中断socket.io

javascript ssl nginx socket.io

Javascript SSL中断socket.io,javascript,ssl,nginx,socket.io,Javascript,Ssl,Nginx,Socket.io,我一直在使用socket.io运行消息服务,一切都很正常,直到我加密了socket.io服务器所在的域名,现在我收到了“CORS阻止同源策略原因:CORS请求未成功” url在未加密(使用http)时工作,在加密和使用https时中断 服务器托管在ubuntu服务器上,使用NGINX代理请求 任何帮助都将不胜感激 服务器代码: const fs = require("fs") const https = require('https') const options = { key

我一直在使用socket.io运行消息服务,一切都很正常,直到我加密了socket.io服务器所在的域名,现在我收到了“CORS阻止同源策略原因:CORS请求未成功”

url在未加密(使用http)时工作,在加密和使用https时中断

服务器托管在ubuntu服务器上,使用NGINX代理请求

任何帮助都将不胜感激

服务器代码:

const fs = require("fs")
const https = require('https')

const options =    {
    key: fs.readFileSync(
        "/etc/letsencrypt/live/talk.liven.online/privkey.pem"
    ),
    cert: fs.readFileSync(
        "/etc/letsencrypt/live/talk.liven.online/cert.pem"
    ),
    ca: fs.readFileSync(
        "/etc/letsencrypt/live/talk.liven.online/chain.pem"
    )
}


const http = https.createServer(options)

const io = require('socket.io')(http, { transports:['websocket', 'htmlfile', 'xhr-polling', 'jsonp-polling', 'polling']})

io.origins(["https://navigator.liven.online"])
io.on("connection", socket => {
    console.log("a user connected!")
    socket.on('disconnect', () => console.log('user disconnected'))
    socket.on('chat message', msg => io.emit("chat message", msg))
}
const port = process.env.PORT || 2001;
http.listen(port, port => console.log("listening on ${port}"))
客户端代码:

// heavily redacted but i think this is all thats relevant
io.connect("https://talk.liven.online", {secure: true, rejectUnauthorized: false})
nginx块配置

server {
    listen 80;
    listen [::]:80;

    root /var/www/talk.liven.online/html;
    index index.html index.htm index.nginx-debian.html;

    server_name talk.liven.online www.talk.liven.online;

    location / {
        proxy_pass https://localhost:2001;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot

    ssl_certificate /etc/letsencrypt/live/talk.liven.online/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/talk.liven.online/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = talk.liven.online) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    listen 80;
    listen [::]:80;

    server_name talk.liven.online www.talk.liven.online;
    return 404; # managed by Certbot


}
您显示的NGINX配置是针对普通HTTP的,而不是HTTPS。它还使用HTTP(而不是HTTPS)代理请求:

proxy_pass http://localhost:2001
           ^^^^
如果要允许客户端连接到
https://...

由于
socket.io
服务器与NGINX运行在同一台机器上,因此您可能可以通过普通HTTP进行实际代理。

我感谢您的帮助,伙计,这是否需要更改为https://..? 还是我完全弄错了(新手到服务器配置)?@Red我认为您需要删除您发布的配置中的前两个
listen
语句(端口80的语句)。因此,第一个
服务器
块侦听端口443,并处理SSL,第二个
服务器
块侦听端口80,并将所有请求重定向到HTTPS部分。