无法连接到DigitalOcean中的安全WebSocket

时间:2018-08-03 09:29:16

标签: express nginx websocket digital-ocean

我无法在Digital Ocean中设置WebSocket服务器。

为了这个问题,我正在为domain.com更改我的实际域名。

我基本上有一个NodeJs WebSocket服务器,我试图连接到我在Heroku托管的React应用。尝试连接时出现以下错误:

WebSocket connection to 'wss://domain.com/' failed: Error during WebSocket handshake: Unexpected response code: 200

这是我的服务器输入代码:

    const PORT = process.env.PORT || 8080
    const privateKey = fs.readFileSync('/etc/letsencrypt/live/domain.com/privkey.pem', 'utf-8')
    const certificate = fs.readFileSync('/etc/letsencrypt/live/domain.com/cert.pem', 'utf-8')
    const credentials = { key: privateKey, cert: certificate }


    const server = express()
    const httpsServer = https.createServer(credentials, server)
    httpsServer.listen(PORT)


    this.wss = new WebSocket.Server({ server: httpsServer })

我使用cert-bot来保护我的连接,因为Heroku是必须的。这是我的Nginx默认配置文件,位于/ etc / nginx / sites-available / default

server {

    # SSL configuration
    #
    # listen 443 ssl default_server;
    # listen [::]:443 ssl default_server;
    #
    # Note: You should disable gzip for SSL traffic.
    # See: https://bugs.debian.org/773332
    #
    # Read up on ssl_ciphers to ensure a secure configuration.
    # See: https://bugs.debian.org/765782
    #
    # Self signed certs generated by the ssl-cert package
    # Don't use them in a production server!
    #
    # include snippets/snakeoil.conf;

    root /var/www/html;


    # Add index.php to the list if you are using PHP
    index index.html index.htm index.nginx-debian.html;

    server_name domain.com www.domain.com;

    location / {
            # First attempt to serve request as file, then
            # as directory, then fall back to displaying a 404.
            try_files $uri $uri/ =404;
    }

    # pass PHP scripts to FastCGI server
    #
    #location ~ \.php$ {
    # include snippets/fastcgi-php.conf;
    #
    # # With php-fpm (or other unix sockets):
    # fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
    # # With php-cgi (or other tcp sockets):
    # fastcgi_pass 127.0.0.1:9000;
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {
    # deny all;
    #}

    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}

我也更改了我的UFW配置。这是sudo ufw状态的输出

Nginx Full                 ALLOW       Anywhere                  
22/tcp                     ALLOW       Anywhere                  
Nginx Full (v6)            ALLOW       Anywhere (v6)             
22/tcp (v6)                ALLOW       Anywhere (v6)             

请明确说明,我并不是真正使用domain.com。我只是在当前有关隐私问题的问题中更改了它,:D

希望任何人都可以指出正确的方向。不太确定我要去哪里错了。

0 个答案:

没有答案