Ssl WSS的Nginx配置
我在通过WSS连接到服务器时遇到问题。我按照以下文章使用WebSocket设置nginx: 下面是我的nginx配置,它提供了一个剧本!应用程序:Ssl WSS的Nginx配置,ssl,nginx,websocket,Ssl,Nginx,Websocket,我在通过WSS连接到服务器时遇到问题。我按照以下文章使用WebSocket设置nginx: 下面是我的nginx配置,它提供了一个剧本!应用程序: #user nobody; worker_processes 1; error_log logs/error.log; #error_log logs/error.log notice; #error_log logs/error.log info; #pid logs/nginx.pid; events {
#user nobody;
worker_processes 1;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
tcp {
upstream websockets {
## Play! WS location
server 127.0.0.1:9000;
}
server {
listen 80;
listen 8000;
server_name socket.domain.com;
tcp_nodelay on;
proxy_pass websockets;
proxy_send_timeout 300;
}
# virtual hosting
#include /usr/local/nginx/vhosts/*;
}
http {
server {
listen 443 ssl;
server_name socket.artoo.in;
ssl_certificate /usr/local/nginx/key/socket.domain.com.crt;
ssl_certificate_key /usr/local/nginx/key/socket.domain.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:9000;
}
}
}
当服务器在上可访问时,ws://socket.domain.com,但不是wss://socket.domain.com我至少通过使用stunnel(参考本文:)在短期内解决了这个问题 Stunnel可以将HTTPS转换为HTTP,并通过该令牌将WSS转换为WS。Nginx一如既往地为运行在9000端口上的套接字应用程序提供服务: /etc/stunnel/stunnel.conf
[https]
accept = 443
connect = 80
TIMEOUTclose = 0
/usr/local/nginx/conf/nginx.conf
#user nobody;
worker_processes 1;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
tcp {
upstream websockets {
## Play! WS location
server 127.0.0.1:9000;
check interval=3000 rise=2 fall=5 timeout=1000;
}
server {
listen 80;
listen 8000;
server_name socket.artoo.in;
tcp_nodelay on;
proxy_pass websockets;
proxy_send_timeout 300;
}
# virtual hosting
#include /usr/local/nginx/vhosts/*;
}
#http {
#
# server {
# listen 443 ssl;
# server_name socket.artoo.in;
#
# ssl_certificate /usr/local/nginx/key/socket.domain.com.crt;
# ssl_certificate_key /usr/local/nginx/key/socket.domain.com.key;
#
# ssl_session_timeout 5m;
#
# ssl_protocols SSLv2 SSLv3 TLSv1;
# ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
# ssl_prefer_server_ciphers on;
#
# location / {
# proxy_pass http://127.0.0.1:9000;
# }
# }
#}
现在我唯一需要担心的是如何增加nginx上websockets的超时时间,连接似乎每75秒就会中断一次(nginx的默认设置)。我能够以问答格式编写一份指南,向您展示如何使用nginx模块完成所有这些操作,这要容易得多;)
您需要重新构建NGINX并按照上面问题中的配置进行操作。这是stackoverflow.com,我不确定我是否理解这个问题?如何解决这个超时问题?有什么比将超时设置为一个巨大的数字更优雅的吗?可能的重复项(最上浮的答案只是指向此重复项的链接)