我有一个古老的套接字服务器脚本,它只能使用不安全的ws://套接字。
我将我的网站升级为使用https://,并且不再可以使用与ws://的websocket连接,浏览器生成错误消息,连接被阻止,我必须使用wss://
我正在使用linux(centos)。有没有什么容易从wss://到两个端口上的ws://设置隧道?
我找到了stunnel,但是我无法让它正常工作,是否有其他方法可以做到这一点?
我用stunnel尝试了什么:
[websocket]
accept = 9301
connect = localhost:9300
我也尝试过:
[https]
accept = www.flirtzo.eu:9001
connect = localhost:9000
但我没有成功。我希望有人知道一个正确的解决方案或修复。非常感谢你。
[编辑] 这是来自stunnel的日志文件:
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Snagged 64 random bytes from /root/.rnd
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Wrote 1024 new random bytes to /root/.rnd
2014.09.04 12:45:33 LOG7[52433:139838877431744]: RAND_status claims sufficient entropy for the PRNG
2014.09.04 12:45:33 LOG7[52433:139838877431744]: PRNG seeded successfully
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Certificate: /home/flirtzo/ssl.cert
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Certificate loaded
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Key file: /home/flirtzo/ssl.key
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Private key loaded
2014.09.04 12:45:33 LOG7[52433:139838877431744]: SSL context initialized for service websocket
2014.09.04 12:45:33 LOG5[52433:139838877431744]: stunnel 4.29 on x86_64-redhat-linux-gnu with OpenSSL 1.0.0-fips 29 Mar 2010
2014.09.04 12:45:33 LOG5[52433:139838877431744]: Threading:PTHREAD SSL:ENGINE Sockets:POLL,IPv6 Auth:LIBWRAP
2014.09.04 12:45:33 LOG6[52433:139838877431744]: file ulimit = 1024 (can be changed with 'ulimit -n')
2014.09.04 12:45:33 LOG6[52433:139838877431744]: poll() used - no FD_SETSIZE limit for file descriptors
2014.09.04 12:45:33 LOG5[52433:139838877431744]: 500 clients allowed
2014.09.04 12:45:33 LOG7[52433:139838877431744]: FD 10 in non-blocking mode
2014.09.04 12:45:33 LOG7[52433:139838877431744]: FD 11 in non-blocking mode
2014.09.04 12:45:33 LOG7[52433:139838877431744]: FD 12 in non-blocking mode
2014.09.04 12:45:33 LOG7[52433:139838877431744]: SO_REUSEADDR option set on accept socket
2014.09.04 12:45:33 LOG7[52433:139838877431744]: websocket bound to 0.0.0.0:9301
2014.09.04 12:45:33 LOG7[52433:139838877431744]: Created pid file /var/run/stunnel_websocket.pid
2014.09.04 12:45:36 LOG7[52433:139838877431744]: websocket accepted FD=13 from 78.165.105.183:58507
2014.09.04 12:45:36 LOG7[52433:139838877427456]: websocket started
2014.09.04 12:45:36 LOG7[52433:139838877427456]: FD 13 in non-blocking mode
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Waiting for a libwrap process
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Acquired libwrap process #0
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Releasing libwrap process #0
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Released libwrap process #0
2014.09.04 12:45:36 LOG7[52433:139838877427456]: websocket permitted by libwrap from 78.165.105.183:58507
2014.09.04 12:45:36 LOG5[52433:139838877427456]: websocket accepted connection from 78.165.105.183:58507
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): before/accept initialization
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 read client hello A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write server hello A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write certificate A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write server done A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 flush data
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 read client key exchange A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 read finished A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write session ticket A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write change cipher spec A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 write finished A
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL state (accept): SSLv3 flush data
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 items in the session cache
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 client connects (SSL_connect())
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 client connects that finished
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 client renegotiations requested
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 1 server connects (SSL_accept())
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 1 server connects that finished
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 server renegotiations requested
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 session cache hits
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 external session cache hits
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 session cache misses
2014.09.04 12:45:36 LOG7[52433:139838877427456]: 0 session cache timeouts
2014.09.04 12:45:36 LOG6[52433:139838877427456]: SSL accepted: new session negotiated
2014.09.04 12:45:36 LOG6[52433:139838877427456]: Negotiated ciphers: AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD
2014.09.04 12:45:36 LOG7[52433:139838877427456]: FD 14 in non-blocking mode
2014.09.04 12:45:36 LOG6[52433:139838877427456]: connect_blocking: connecting 127.0.0.1:9300
2014.09.04 12:45:36 LOG7[52433:139838877427456]: connect_blocking: s_poll_wait 127.0.0.1:9300: waiting 10 seconds
2014.09.04 12:45:36 LOG5[52433:139838877427456]: connect_blocking: connected 127.0.0.1:9300
2014.09.04 12:45:36 LOG5[52433:139838877427456]: websocket connected remote server from 127.0.0.1:39519
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Remote FD=14 initialized
2014.09.04 12:45:36 LOG7[52433:139838877427456]: SSL socket closed on SSL_read
2014.09.04 12:45:36 LOG7[52433:139838877427456]: Socket write shutdown
2014.09.04 12:45:36 LOG5[52433:139838877427456]: Connection closed: 0 bytes sent to SSL, 0 bytes sent to socket
2014.09.04 12:45:36 LOG7[52433:139838877427456]: websocket finished (0 left)
[端口stunnel上的tcpdump正在侦听9301]
13:25:18.853411 IP 78.165.105.183.dynamic.ttnet.com.tr.60291 > s1.flirtzo.eu.9301: Flags [S], seq 3851820594, win 8192, options [mss 1452,nop,wscale 8,nop,nop,sackOK], length 0
0x0000: 4500 0034 5921 4000 7406 b390 4ea5 69b7
0x0010: 5fd3 e1e2 eb83 2455 e596 1e32 0000 0000
0x0020: 8002 2000 4164 0000 0204 05ac 0103 0308
0x0030: 0101 0402
13:25:18.853430 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [S.], seq 3606802872, ack 3851820595, win 14600, options [mss 1460,nop,nop,sackOK,nop,wscale 7], length 0
0x0000: 4500 0034 0000 4000 4006 40b2 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 71b8 e596 1e33
0x0020: 8012 3908 df8f 0000 0204 05b4 0101 0402
0x0030: 0103 0307
13:25:18.925957 IP 78.165.105.183.dynamic.ttnet.com.tr.60291 > s1.flirtzo.eu.9301: Flags [.], ack 1, win 64, length 0
0x0000: 4500 0028 592b 4000 7406 b392 4ea5 69b7
0x0010: 5fd3 e1e2 eb83 2455 e596 1e33 d6fb 71b9
0x0020: 5010 0040 592a 0000 0000 0000 0000
13:25:18.929145 IP 78.165.105.183.dynamic.ttnet.com.tr.60291 > s1.flirtzo.eu.9301: Flags [P.], seq 1:157, ack 1, win 64, length 156
0x0000: 4500 00c4 592c 4000 7406 b2f5 4ea5 69b7
0x0010: 5fd3 e1e2 eb83 2455 e596 1e33 d6fb 71b9
0x0020: 5018 0040 aac7 0000 1603 0100 9701 0000
0x0030: 9303 03ca 462a f6f4 8c02 b904 a7bb 6bcc
0x0040: 7031 a59d 2763 dc72 e3b6 3990 6490 442d
0x0050: af33 a200 0028 c02b c02f 009e cc14 cc13
0x0060: c00a c009 c013 c014 c007 c011 0033 0032
0x0070: 0039 009c 002f 0035 000a 0005 0004 0100
0x0080: 0042 ff01 0001 0000 0a00 0800 0600 1700
0x0090: 1800 1900 0b00 0201 0000 2300 0075 5000
0x00a0: 0000 0500 0501 0000 0000 0012 0000 000d
0x00b0: 0012 0010 0401 0501 0201 0403 0503 0203
0x00c0: 0402 0202
13:25:18.929162 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [.], ack 157, win 123, length 0
0x0000: 4500 0028 c34b 4000 4006 7d72 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 71b9 e596 1ecf
0x0020: 5010 007b 5853 0000
13:25:18.932573 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [.], seq 1:1453, ack 157, win 123, length 1452
0x0000: 4500 05d4 c34c 4000 4006 77c5 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 71b9 e596 1ecf
0x0020: 5010 007b ffd8 0000 1603 0300 3d02 0000
0x0030: 3903 0354 084c 1ec7 2b57 eac5 c7bc 4747
0x0040: 6cc9 bb68 3450 2af1 348c 6287 fa30 efec
0x0050: b734 f400 c02f 0000 11ff 0100 0100 000b
0x0060: 0004 0300 0102 0023 0000 1603 0305 380b
0x0070: 0005 3400 0531 0005 2e30 8205 2a30 8204
0x0080: 12a0 0302 0102 0203 14f7 2030 0d06 092a
0x0090: 8648 86f7 0d01 0105 0500 303c 310b 3009
0x00a0: 0603 5504 0613 0255 5331 1730 1506 0355
0x00b0: 040a 130e 4765 6f54 7275 7374 2c20 496e
0x00c0: 632e 3114 3012 0603 5504 0313 0b52 6170
0x00d0: 6964 5353 4c20 4341 301e 170d 3134 3039
0x00e0: 3031 3037 3533 3231 5a17 0d31 3530 3930
0x00f0: 3332 3330 3031 305a 3081 bb31 2930 2706
0x0100: 0355 0405 1320 6d74 4e70 776d 682d 474b
0x0110: 3745 506b 756d 4750 7247 3771 6b62 6778
0x0120: 3151 4b66 3249 3113 3011 0603 5504 0b13
0x0130: 0a47 5431 3233 3733 3831 3731 3130 2f06
0x0140: 0355 040b 1328 5365 6520 7777 772e 7261
0x0150: 7069 6473 736c 2e63 6f6d 2f72 6573 6f75
0x0160: 7263 6573 2f63 7073 2028 6329 3134 312f
0x0170: 302d 0603 5504 0b13 2644 6f6d 6169 6e20
0x0180: 436f 6e74 726f 6c20 5661 6c69 6461 7465
0x0190: 6420 2d20 5261 7069 6453 534c 2852 2931
0x01a0: 1530 1306 0355 0403 0c0c 2a2e 666c 6972
0x01b0: 747a 6f2e 6575 3082 0122 300d 0609 2a86
0x01c0: 4886 f70d 0101 0105 0003 8201 0f00 3082
0x01d0: 010a 0282 0101 00a0 563b 974b d126 329b
0x01e0: 7b13 d82c f848 f21f 810c dd7e a8f6 f971
0x01f0: 406c 8f1f 04c0 23de a16d eccc 9093 ae76
0x0200: c4db afab abfa 0a38 e18e a56d 998b 6355
0x0210: a7dd f4a1 e3d1 0009 4e01 9e6a fb45 016c
0x0220: 0701 8968 efa3 8ae2 8931 2a5a d560 f6a4
0x0230: e5f9 04f6 4bac d20b 5045 9991 453d 1ddd
0x0240: 2c6f 119a 604d df10 a5a0 37c4 c906 6f5c
0x0250: 27dc a9ce b44d 1286 4ef1 16d7 885d d468
0x0260: b3ff 5f68 b9d0 addf 856f 9b37 655f 85cc
0x0270: 2553 11f9 b791 a1d6 a97d 4b7b f79c 2cf4
0x0280: 9965 b353 efb5 219e 9ad5 30cc 4a9f 8572
0x0290: 6a11 82d7 d5d6 e53b 45e1 9b77 a905 129c
0x02a0: 7818 30fd 0bc6 b26d 4f0b 8f43 81bb 3f46
0x02b0: 6c53 c4a3 69ba e6e5 8697 d82f aa33 8c03
0x02c0: 0f67 7188 110d 2641 dc8e 860c 8170 dd47
0x02d0: c3a6 11dc 2434 e502 0301 0001 a382 01b3
0x02e0: 3082 01af 301f 0603 551d 2304 1830 1680
0x02f0: 146b 693d 6a18 424a dd8f 0265 39fd 3524
0x0300: 8678 9116 3030 0e06 0355 1d0f 0101 ff04
0x0310: 0403 0205 a030 1d06 0355 1d25 0416 3014
0x0320: 0608 2b06 0105 0507 0301 0608 2b06 0105
0x0330: 0507 0302 3023 0603 551d 1104 1c30 1a82
0x0340: 0c2a 2e66 6c69 7274 7a6f 2e65 7582 0a66
0x0350: 6c69 7274 7a6f 2e65 7530 4306 0355 1d1f
0x0360: 043c 303a 3038 a036 a034 8632 6874 7470
0x0370: 3a2f 2f72 6170 6964 7373 6c2d 6372 6c2e
0x0380: 6765 6f74 7275 7374 2e63 6f6d 2f63 726c
0x0390: 732f 7261 7069 6473 736c 2e63 726c 301d
0x03a0: 0603 551d 0e04 1604 1431 c610 096f ea04
0x03b0: 6ab1 6307 e138 3f01 65e3 6f3b 6c30 0c06
0x03c0: 0355 1d13 0101 ff04 0230 0030 7806 082b
0x03d0: 0601 0505 0701 0104 6c30 6a30 2d06 082b
0x03e0: 0601 0505 0730 0186 2168 7474 703a 2f2f
0x03f0: 7261 7069 6473 736c 2d6f 6373 702e 6765
0x0400: 6f74 7275 7374 2e63 6f6d 3039 0608 2b06
0x0410: 0105 0507 3002 862d 6874 7470 3a2f 2f72
0x0420: 6170 6964 7373 6c2d 6169 612e 6765 6f74
0x0430: 7275 7374 2e63 6f6d 2f72 6170 6964 7373
0x0440: 6c2e 6372 7430 4c06 0355 1d20 0445 3043
0x0450: 3041 060a 6086 4801 86f8 4501 0736 3033
0x0460: 3031 0608 2b06 0105 0507 0201 1625 6874
0x0470: 7470 3a2f 2f77 7777 2e67 656f 7472 7573
0x0480: 742e 636f 6d2f 7265 736f 7572 6365 732f
0x0490: 6370 7330 0d06 092a 8648 86f7 0d01 0105
0x04a0: 0500 0382 0101 000d ec47 3465 2a34 27d8
0x04b0: 9662 8b8b d5fa 0086 ebdd 78c4 1a27 08b4
0x04c0: 8701 fc9a a99e cc09 f16e 9a40 c6e3 533a
0x04d0: 1f40 d317 3c25 51ba cec3 0da5 d448 71ee
0x04e0: d156 a7a0 4bbf a374 da73 0cd7 1996 2464
0x04f0: 2ece 1a64 c53f ea6f 5e32 4d9c 0cb0 e527
0x0500: 4c9b 7eba ba1e 1557 1b07 f848 421f 750c
0x0510: fcab 4a0e afac 29c0 499e f0d9 acd9 52e4
0x0520: 6209 974f 042d 1f03 ccbc 5004 f21a b775
0x0530: a11f 12f4 1f4a 11c5 ebd1 8f73 39c6 de45
0x0540: 64f3 512b d3bc 697e 6240 f118 a11b b9ce
0x0550: 5100 00d2 0880 0179 7e0b a884 04c7 d7e5
0x0560: bfa2 dbab d8a9 4f7a 17f8 7bd8 1a0e cf67
0x0570: 9680 878c a566 ad4e 5983 f4a8 a73b c58b
0x0580: db4a 1b18 eae0 9070 68f1 ade4 c7a2 c68b
0x0590: 4c8e 9fc3 06e2 6833 fdd0 f4e1 98d3 5c54
0x05a0: 112f 2a51 9d1f 8a16 0303 014d 0c00 0149
0x05b0: 0300 1741 04e2 a5a0 5820 ab18 426c 6f74
0x05c0: 4783 0203 40c6 33eb 97b5 5f0b eaef cab5
0x05d0: 45fe 3242
13:25:18.932580 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [P.], seq 1453:1755, ack 157, win 123, length 302
0x0000: 4500 0156 c34d 4000 4006 7c42 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 7765 e596 1ecf
0x0020: 5018 007b fb5a 0000 9644 7c9c d18f c2e0
0x0030: 0ff8 8ae7 6f8a 1b13 d88d 81fe a956 e8f9
0x0040: a382 cd4e f34f 4775 a904 0101 006b 4e33
0x0050: d907 216b cf2e 2c7d 138c df69 3e51 a902
0x0060: 8382 c6df a26f 6c00 b716 b2ae ea76 e47c
0x0070: a377 3684 0fc8 ee33 5d57 24cb 0243 4f94
0x0080: bea6 1019 5a3a 2966 a3d3 9bc8 191c c7eb
0x0090: 5402 a886 4365 2bfc 2abd 59c6 97a6 70d1
0x00a0: 02e3 a1b3 7356 89e4 bbe4 c5fe 4e03 764c
0x00b0: 5315 2e75 cb29 4167 a42c e2c6 6362 317d
0x00c0: ac86 1e40 d8af dbb4 021d 1216 4fc4 72f6
0x00d0: 772c 214f c1f6 204c a673 634d 141f 221d
0x00e0: 039f 729c 03e9 250a 10d1 134a 7047 0fa9
0x00f0: 9180 3664 92da c4ed 19bb 9e4f 66f8 90fb
0x0100: f52c 1d79 dc47 5a84 73e5 8871 cca4 0ce2
0x0110: ecc8 db69 f4f0 515f 228e 5549 9b64 99ff
0x0120: 1d5b 3865 0df0 a836 97d5 171a 100c cb55
0x0130: 3639 0f52 7fd0 7526 ebb6 067d 1752 245f
0x0140: 9dea c068 02ee 8ada 57b1 4f6e a616 0303
0x0150: 0004 0e00 0000
13:25:19.028901 IP 78.165.105.183.dynamic.ttnet.com.tr.60291 > s1.flirtzo.eu.9301: Flags [.], ack 1755, win 64, length 0
0x0000: 4500 0028 5936 4000 7406 b387 4ea5 69b7
0x0010: 5fd3 e1e2 eb83 2455 e596 1ecf d6fb 7893
0x0020: 5010 0040 51b4 0000 0000 0000 0000
13:25:19.032832 IP 78.165.105.183.dynamic.ttnet.com.tr.60291 > s1.flirtzo.eu.9301: Flags [P.], seq 157:283, ack 1755, win 64, length 126
0x0000: 4500 00a6 5938 4000 7406 b307 4ea5 69b7
0x0010: 5fd3 e1e2 eb83 2455 e596 1ecf d6fb 7893
0x0020: 5018 0040 d8e2 0000 1603 0300 4610 0000
0x0030: 4241 0480 e743 b4ca d486 fc66 f233 d481
0x0040: 1466 d2c6 132c b9de 696d 69fc b6bb efee
0x0050: 812d bb41 7bf7 5420 888a 6fc6 868a ca1a
0x0060: cebf 0730 5d93 4e83 c00f ae8e 0bb1 6daa
0x0070: 24d5 3414 0303 0001 0116 0303 0028 0000
0x0080: 0000 0000 0000 f000 d80d c829 2d20 3a03
0x0090: e4ca db9c a9d5 0048 6248 716b 171d 4313
0x00a0: 90fb 13db 1c30
13:25:19.033946 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [P.], seq 1755:1981, ack 283, win 123, length 226
0x0000: 4500 010a c34e 4000 4006 7c8d 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 7893 e596 1f4d
0x0020: 5018 007b fb0e 0000 1603 0300 aa04 0000
0x0030: a600 0038 4000 a07f 78f8 6c03 ba30 68aa
0x0040: 2525 c10a c48c b360 cc25 1cb2 8d9c ce45
0x0050: 7127 e55f fefc bb06 6c9f c57e b486 5f50
0x0060: 3c28 78fa ffc4 baf8 89bc fede 25ce 5f23
0x0070: 13f4 8ce8 f6dd 6619 f953 44bc d22f 7249
0x0080: 1041 0c7e be77 5334 df33 5060 242f 2938
0x0090: 8c7c 4949 760b f290 4224 96a3 04a6 f2ce
0x00a0: c415 f804 d0e8 fb80 9cb3 4e82 a231 c65f
0x00b0: 2089 2244 3456 8162 6abd 6a3b 9301 f4c4
0x00c0: 2228 2cfa 06e8 b996 418b c2ee fdc9 600f
0x00d0: 4050 09f1 98c8 3914 0303 0001 0116 0303
0x00e0: 0028 3078 fb0a 85ce bd8c 8fb1 e4c3 5e2c
0x00f0: aaf4 4d69 765e d151 66fb 3550 ff7f f688
0x0100: 9ea1 0e08 3558 090d eb61
13:25:19.034498 IP s1.flirtzo.eu.9301 > 78.165.105.183.dynamic.ttnet.com.tr.60291: Flags [R.], seq 1981, ack 283, win 123, length 0
0x0000: 4500 0028 c34f 4000 4006 7d6e 5fd3 e1e2
0x0010: 4ea5 69b7 2455 eb83 d6fb 7975 e596 1f4d
0x0020: 5014 007b 5015 0000
[EDIT2] 新的tcpdump:https://www.cloudshark.org/captures/255d70134527
stunnel的配置文件:
foreground = yes
key = /home/flirtzo/ssl.key
cert = /home/flirtzo/ssl.cert
CAfile = /home/flirtzo/ssl.cert
debug = 7
output = /var/log/stunnel_websocket.log
[websocket]
accept = www.flirtzo.eu:9301
connect = 9300
关心Arjan
答案 0 :(得分:1)
基于最后一个pcap的答案,有关详细信息,请参阅问题讨论:
客户端只需在成功握手后关闭连接,而不发送任何数据。由于我在ClientHello中没有看到服务器名称扩展名,因此我假设您以IP而非主机名访问服务器,在这种情况下,客户端可能不接受证书(因为名称不匹配)。虽然我希望浏览器将这些内容记录到控制台。
所以看起来主机名验证是真正的问题,从wss:// ip更改为wss:// hostname解决了这个问题。