我正在使用此示例中的高速公路服务器:https://github.com/crossbario/autobahn-python/tree/master/examples/twisted/websocket/echo_tls
并按照示例说明中的说明,生成了服务器密钥:
openssl genrsa -out server.key 2048
openssl req -new -key server.key -out server.csr
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
openssl x509 -in server.crt -out server.pem
我还有一个autobahn-js客户端:
<html>
<head>
<script src="autobahn.min.js"></script>
<script>
var connection = new autobahn.Connection({url: 'wss://domain.com'});
connection.onopen = function (session) {
// 1) subscribe to a topic
function onevent(args) {
console.log("Event:", args[0]);
}
session.subscribe('com.myapp.hello', onevent);
// 2) publish an event
session.publish('com.myapp.hello', ['Hello, world!']);
// 3) register a procedure for remoting
function add2(args) {
return args[0] + args[1];
}
session.register('com.myapp.add2', add2);
// 4) call a remote procedure
session.call('com.myapp.add2', [2, 3]).then(
function (res) {
console.log("Result:", res);
}
);
};
connection.open();
</script>
</head>
<body></body>
</html>
但是,在三个流行的浏览器(Chrome,Edge,Firefox)中运行上述js-code,显示了我使用每个浏览器控制台粘贴的连接中的安全问题。
Google Chrome :
WebSocket connection to 'wss://domain/' failed: Error in connection establishment: net::ERR_INSECURE_RESPONSE
(anonymous) @ autobahn.min.js:196
Microsoft Edge :
SCRIPT12045: WebSocket Error: Network Error 12045, The certificate authority is invalid or incorrect
Mozilla Firefox :
在Firefox的情况下,服务器通过以下消息抱怨客户的问题:
2017-11-15T09:04:38+0000 Connection to/from tcp4:<ip here> lost (<class 'OpenSSL.SSL.Error'>): [('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert unknown ca')])
2017-11-15T09:04:38+0000 _connectionLost: [Failure instance: Traceback: <class 'OpenSSL.SSL.Error'>: [('SSL routines', 'ssl3_read_bytes', 'tlsv1 alert unknown ca')]
是否使用&#34; openssl&#34;生成密钥?工具对浏览器不够好?我怎么解决这个问题?为什么Firefox不抱怨服务器的安全性?