SSL上的WebSockets与Nginx握手错误

时间:2016-03-16 15:12:01

标签: javascript ssl nginx websocket

我正在使用与nginx进行websockets后端(Java)-frontend(javaScript)通信 我按照此处的说明配置了nginx:https://www.nginx.com/resources/admin-guide/reverse-proxy/
SSL证书由我的客户(订购应用程序的公司)提供。 当我尝试使用domain_name建立连接时出现问题。使用(在javaScript中):
var client = new WebSocket(wss://domain_name.com/websocket/ws)
生产:

WebSocket {
    readyState:0
    url:"wss://domain_name.com/websocket/ws"
}

和'失败:WebSocket打开握手超时' 当我使用
new WebSocket(wss://172.21.1.2/websocket/ws)时(其中172.21.1.2是公司网络中服务器的IP地址) 一切都很完美(连接建立)。结果:

WebSocket {
    readyState:1
    url:"wss://172.21.1.2/websocket/ws"
}

nginx.config如下所述:

http{
    #...

    upstream backend {
        server 127.0.0.1:8887;
    }
    map $http_upgrade $connection_upgrade {
        default upgrade;
        ''      close;
    }

    # https
    server {

        listen 443 ssl;
        server_name 127.0.0.1 domain_name.com;

        ssl_certificate      path/to/cert/cert.crt;
        ssl_certificate_key  path/to/cert/cert.key;
        ssl_ciphers         HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        client_max_body_size 100M;

        location / {
            proxy_pass http://127.0.0.1:8080/;
        }

        location /websocket/ws {
            error_log D:/app/nginx-1.8.1/logs/websocket_log.log debug;
            proxy_pass http://backend;
            proxy_http_version 1.1;
            proxy_set_header Host $http_host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-Host $host;
            proxy_set_header X-Forwarded-Server $host;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_read_timeout 86400;
        }
    }
}

<小时/> Nginx日志文件内容:

请求(使用wss://domain_name.com/websocket/ws):

[debug] 32780#36892: *131 http proxy header:
"GET /websocket/ws HTTP/1.1
Host: 172.21.1.2
X-Real-IP: 172.21.2.253
X-Forwarded-Host: 172.21.1.2
X-Forwarded-Server: 172.21.1.2
X-Forwarded-For: 194.230.80.170, 172.21.2.253
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
Origin: https://domain_name.com
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: JSESSIONID=1A26AABA6BD5B499CF50F818841EBB7E
Sec-WebSocket-Key: E/OPZtu/Vff2sCn3nrK0ng==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits
X-Forwarded-Proto: https

请求(使用wss://172.21.1.2/websocket/ws)

[debug] 32780#36892: *878 http proxy header:
"GET /websocket/ws HTTP/1.1
Host: 172.21.1.2
X-Real-IP: 172.22.1.18
X-Forwarded-Host: 172.21.1.2
X-Forwarded-Server: 172.21.1.2
X-Forwarded-For: 172.22.1.18
Upgrade: websocket
Connection: Upgrade
Pragma: no-cache
Cache-Control: no-cache
Origin: https://172.21.1.2
Sec-WebSocket-Version: 13
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.87 Safari/537.36
Accept-Encoding: gzip, deflate, sdch
Accept-Language: pl-PL,pl;q=0.8,en-US;q=0.6,en;q=0.4
Cookie: JSESSIONID=D35C49CE43FA631B0C462CAC3BAD9765
Sec-WebSocket-Key: fhCnuX3ajakgOIb3gsg0Iw==
Sec-WebSocket-Extensions: permessage-deflate; client_max_window_bits

<小时/> Nginx版本:1.8.1
有人遇到过这个问题吗?我究竟做错了什么?任何想法?
我真的被困在这里。
在此先感谢。

0 个答案:

没有答案
相关问题
最新问题