nginx version is 1.10.1
nginx configuration tcp forwarding:
tcp{
upstream ge_ssl {
server 127.0.0.1:1234;
}
map $http_upgrade $connection_upgrade{
default upgrade;
'' close;
}
server{
listen 9988;
ssl on;
ssl_certificate /etc/le/l/abc.com/fullchain.pem;
ssl_certificate_key /etc/le/l/abc.com/privkey.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://ge_ssl;
proxy_http_version 1.1;
#proxy_ssl_session_reuse off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
}nginx listening port: 443,80,9988
443:ssl证书
80:rewrite 跳转443
9988:该端口为了应对网页的websocket请求,然后将请求转发给1234端口
Browser: FireFox, Chrome
Web page code:
var ws = new WebSocket('ws://129.136.145.58:9988');
在FireFox上面,可以通过,Chrome上面,会出错,错误如下:
Mixed Content: The page at 'https://www.abc.com/me' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://129.136.145.58:9988/'. This request has been blocked; this endpoint must be available over WSS.
Uncaught SecurityError: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.
所以网页代码改用为var ws = new WebSocket('wss://129.136.145.58:9988');
这下FireFox和Chrome一起失败了...错误如下:
WebSocket connection to 'wss://129.136.145.58:9988/' failed: WebSocket opening handshake was canceled
After checking a lot of information, I still don’t know why. Please give me some advice. I’d be very grateful. . .
