前言
开发公司前段时间用Letsencrypt开发公司提供一个称为certbot的工具,生成了HTTPS证书
升级https后,原先的websocket开发公司项目不能有效运行了。。。。
相关技术:linux(centos7.9)//websocket
1.这是升级https后的nginx配置
server { server_name 你的域名; location / { root /www/client/WebSocket-master/src; index client1.html; } location /chat/ { root /www/client/WebSocket-master/src; index client2.html; } listen 443 ssl; # managed by Certbot ssl_certificate 改为自己申请得到的 crt 文件路径; # managed by Certbot ssl_certificate_key 改为自己申请得到的 key 文件路径; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot}server { if ($host = 你的域名) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name 你的域名; return 404; # managed by Certbot}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
2.这是websocket服务升级https之前,使用ws连接发生的错误
3.这是将连接方式改为wss后的报错
ws = new WebSocket('wss://ip:端口');
- 1
4.需要更改nginx配置和websocket连接方式
ws = new WebSocket('wss://域名');
- 1
server { server_name 你的域名; location / { root /www/client/WebSocket-master/src; index client1.html; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass 你需要代理的地址; # 关键配置 start proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 关键配置 end } location /chat/ { root /www/client/WebSocket-master/src; index client2.html; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass 你需要代理的地址; # 关键配置 start proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; # 关键配置 end } listen 443 ssl; # managed by Certbot ssl_certificate 改为自己申请得到的 crt 文件路径; # managed by Certbot ssl_certificate_key 改为自己申请得到的 key 文件路径; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot}server { if ($host = 你的域名) { return 301 https://$host$request_uri; } # managed by Certbot listen 80; server_name 你的域名; return 404; # managed by Certbot}
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
- 54
- 55
5.改完步骤4的内容后重启服务
重启nginx
nginx -s reload
- 1
重启node-websocket服务
pm2 restart 服务名称或id
- 1
6.完成升级后的聊天
参考: