我正在尝试获得一个“wss”连接来通过 NGINX 工作。没有 SSL 的“ws”可以正常工作。
(我用“test.thruway.local”替换了实际的项目域名)
这是 nginx 配置:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream thruway_websocket {
server 127.0.0.1:9090;
}
server {
listen 9190;
listen [::]:9190;
server_name test.thruway.local;
access_log /var/log/nginx/test.thruway.access_log;
error_log /var/log/nginx/test.thruway.error_log;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# tried both "https://" and "http://"
proxy_pass https://thruway_websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
proxy_set_header Host $host;
proxy_ssl_certificate /etc/letsencrypt/live/test.thruway.local/fullchain.pem;
proxy_ssl_certificate_key /etc/letsencrypt/live/test.thruway.local/privkey.pem;
}
# not sure if this is needed here. Tried with and without.
ssl_certificate /etc/letsencrypt/live/test.thruway.local/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/test.thruway.local/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
端口已打开,请求似乎通过:
# ufw status
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx Full ALLOW Anywhere
9190/tcp ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx Full (v6) ALLOW Anywhere (v6)
9190/tcp (v6) ALLOW Anywhere (v6)
我正在使用 AutobahnJS 向端口 9190 发出请求:
new autobahn.Connection( {
url: 'wss://test.thruway.local:9190',
realm: 'test'
} );
nginx 访问日志记录了一个条目,告诉我它显然正在连接......但日志本身是一堆乱七八糟的 ASCII 代码,并且NGINX 返回错误 400。
像这样的东西(IP改变):
111.111.11.111 - - [08/Sep/2021:12:57:24 +0200] "\x10\x04\x01\x02\x00\x01\x00\x00\xF0\x03\x02.\xA0\x90\xD1\x10\xA5\xF0\x8C\xF2 (... etc)" 400 182 "-" "-"
一切正常,同时只使用 ws 而不是 wss。我尝试了几次调整,浏览了我能找到的任何材料——似乎没有任何效果。
无论我尝试什么,我总是得到:
“Firefox 无法与位于 wss://test.thruway.local:9190/ 的服务器建立连接。”
有谁知道我可以尝试做什么?我很感谢任何想法,我没有东西可以尝试。