nginx反向代理ws,实现wss代码加密通讯请求

115次阅读
没有评论

共计 1054 个字符,预计需要花费 3 分钟才能阅读完成。

# 实际websocket服务器地址
upstream wss_svr {
    server 192.168.213.182:3653 weight=1;  
}
 
# 443 ssl端口配置,实际websockets(wss)地址
server {
 
    listen 443;
    server_name 192.168.213.182;
    
    ssl on;
 
    # 自己的证书,放在与nginx.conf同一文件夹下。(若放不同文件夹注意路径问题)
    ssl_certificate dhxtest.crt;
    ssl_certificate_key dhxtest_nopass.key;
    
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:10m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
    ssl_prefer_server_ciphers on;
    ssl_verify_client off;
    
    location / {		
        proxy_redirect off;
        proxy_pass http://wss_svr;      # 转发
        proxy_set_header Host $host;
        proxy_set_header X-Real_IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;   # 升级协议头
        proxy_set_header Connection upgrade;
    }
    
}

主要代码为:

location / {
proxy_redirect off;
proxy_pass http://wss_svr; # 转发
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade; # 升级协议头
proxy_set_header Connection upgrade;
}
转发ssl到原来的ws去,实现ws转wss
正文完
 
admin
版权声明:本站原创文章,由 admin 2021-01-13发表,共计1054字。
转载说明:除特殊说明外本站文章皆由CC-4.0协议发布,转载请注明出处。
评论(没有评论)
验证码