我在WSS(websockets ssl)和Chrome上遇到了一些麻烦,但在Firefox上却没有任何问题。
我在端口8443上安装了带有SSL的Tomcat,并且HTTPS运行良好,我的证书有效,并且已被Chrome接受,用于标准HTTPS网页。但是Chrome拒绝了我的WSS连接,并出现以下错误:
与'wss:// myhost:8443 / pv'的WebSocket连接失败:WebSocket 打开握手已取消
我缺少什么? HTTPS的tomcat配置是否可能不适用于WSS? 这是我当前用于8443连接器的tomcat配置:
<Connector
protocol="org.apache.coyote.http11.Http11AprProtocol"
port="8443" maxThreads="200"
scheme="https" secure="true" SSLEnabled="true"
SSLCertificateFile="/etc/letsencrypt/live/myhost/cert.pem"
SSLCertificateChainFile="/etc/letsencrypt/live/myhost/chain.pem"
SSLCertificateKeyFile="/etc/letsencrypt/live/myhost/privkey.pem"
SSLVerifyClient="optional"
SSLProtocol="all -SSLv2 -SSLv3"
SSLDisableCompression="true"
SSLCipherSuite="ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA"
SSLHonorCipherOrder="true"
/>