用于具有两个独立服务器的安全WebSocket的Nginx反向代理
我对此搜索了很多,但不知怎么搞不懂 以下是我的案例摘要: 我有一个客户端服务器,它运行在Apache+Cpanel上,具有letsencrypt ssl证书。当用户单击链接时,它会尝试连接wss://nodeserverip:port 在nodejs服务器端,我使用nginx作为反向代理,但无法配置它。两台服务器都在Centos上运行我想要的方案: 用户单击链接->wss://NodejsServerip:port1 ->(连接到NodejsServer)代理\u传递->响应到客户端 我对NodejsServer使用自签名证书。在这种情况下,根据我的配置,我在控制台日志中获得ERR\u CERT\u AUTHORITY\u INVALID error或ERR\u SSL\u PROTOCOL\u error 这是我的nginx default.conf文件:用于具有两个独立服务器的安全WebSocket的Nginx反向代理,nginx,wss,Nginx,Wss,我对此搜索了很多,但不知怎么搞不懂 以下是我的案例摘要: 我有一个客户端服务器,它运行在Apache+Cpanel上,具有letsencrypt ssl证书。当用户单击链接时,它会尝试连接wss://nodeserverip:port 在nodejs服务器端,我使用nginx作为反向代理,但无法配置它。两台服务器都在Centos上运行我想要的方案: 用户单击链接->wss://NodejsServerip:port1 ->(连接到NodejsServer)代理\u传递->响应到客户端 我对Nod
server {
listen 8080 ssl;
listen [::]:8080 ssl ipv6only=on;
server_name client.website.address;
#root /usr/share/nginx/html;
#ssl_verify_client on;
#ssl_verify_client off;
#ssl_client_certificate /etc/nginx/certs/privkey.pem;
ssl_certificate /etc/nginx/certs/client.crt;
ssl_certificate_key /etc/nginx/certs/client.key;
#ssl_session_cache shared:le_nginx_SSL:1m;
#ssl_session_timeout 1d;
#ssl_session_tickets off;
#ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3 SSLv2 SSLv3;
#ssl_prefer_server_ciphers on;
#ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
#ssl_ecdh_curve secp384r1;
#ssl_stapling on;
#ssl_stapling_verify on;
#add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload;";
#add_header Content-Security-Policy "default-src 'none'; frame-ancestors 'none'; script-src 'self'; img-src 'self'; style-src 'self'; base-uri 'self'; form-action 'self';";
#add_header Referrer-Policy "no-referrer, strict-origin-when-cross-origin";
#add_header X-Frame-Options SAMEORIGIN;
#add_header X-Content-Type-Options nosniff;
#add_header X-XSS-Protection "1; mode=block";
# Load configuration files for the default server block.
#include /etc/nginx/default.d/*.conf;
location / {
#proxy_ssl_verify off;
#proxy_ssl_verify on;
#proxy_ssl_certificate /etc/nginx/certs/client.crt;
#proxy_ssl_certificate_key /etc/nginx/certs/client.key;
#proxy_ssl_trusted_certificate /etc/nginx/certs/client.crt;
proxy_buffering off;
proxy_redirect off;
proxy_pass http://127.0.0.1:2020;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# WebSocket support (nginx 1.4)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}您尝试过的任何配置文件都可以发布到这里吗?我添加了nginx conf文件。