wss 报错,ws 正常

echo_class

ws访问正常,现在做小程序,需要 wss,按照文档中第二种方法,修改 nginx 代理,结果一直报错。
nginx 中 conf的配置如下 :

server {
    listen 443;
    server_name api.***.city;
    ssl on;
    ssl_certificate        /etc/nginx/conf.d/wss/scs166028******_api.***.city_server.crt;
    ssl_certificate_key /etc/nginx/conf.d/wss/scs166028******_api.***.city_server.key;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;

    location /wss
    {
      proxy_pass http://127.0.0.1:8282;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "Upgrade";
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      rewrite /wss/(.*) /$1 break;
      proxy_redirect off;
    }
}

前端访问:

uni.connectSocket({
        url: "wss://api.***.city/wss",  //加不加端口号都无效,域名后加不加 wss 也无效
        success: (res) => {
            console.log('连接成功了!')
        },
        fail: (res) => {
            console.log('连接失败信息:' + res.data)
            // reconnect();
        }
    })

报以下错误:

WebSocket connection to 'wss://api.***.city/wss' failed: Error during WebSocket handshake: Unexpected response code: 404
WebSocket connection to 'wss://api.***.city:8282/wss' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
WebSocket connection to 'wss://api.***.city:8282/' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR
WebSocket connection to 'wss://api.***.city/' failed: Error during WebSocket handshake: Unexpected response code: 200

百度了很多答案,都试过了,无效。
查询云服务器,安全组显示443,8282这些端口均已放行。

3815 5 3
5个回答

ichynul

rewrite /wss/(.*) /$1 break; 好像多余

  • echo_class 2022-08-14

    谢谢评论。已经去掉这两行多余的代码,重启后仍然不能通过 wss 连接

xiuwang

改完nginx配置要重启nginx才能生效,

rewrite /wss/(.*) /$1 break;
proxy_redirect off;

这2个配置手册没有,感觉多余。
地址用 wss://api.***.city/wss 是正确的

  • echo_class 2022-08-14

    谢谢评论。每次修改完 nginx 配置,都会先检查语法再重启。删掉那两行多余的配置,也是一样的结果,还是报异常

  • xiuwang 2022-08-14

    是不是使用了cdn啊

ichynul
location /wss/ {
    proxy_redirect off;
    proxy_pass http://127.0.0.1:8282;
    proxy_set_header Host $host;
    proxy_set_header X-Real_IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection upgrade;
    break;
}
  • echo_class 2022-08-14

    谢谢评论,已经完全按照这个改过了,重启后仍然报错:

    WebSocket connection to 'wss://api.***.city:8282/wss' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR

    不加端口访问,报404错误:

    WebSocket connection to 'wss://api.***.city/wss' failed: Error during WebSocket handshake: Unexpected response code: 404
  • ichynul 2022-08-14

    觉得你有点懵,什么加不加端口的。
    wss://就不需要端口了,默认走的是443,再转发到8282。
    要么:ws://api..city:8282 (可Ip+端口 或 域名+端口)
    要么:wss://api.
    .city:/wss/(只可域名,通过路径/wss/转发)

    此外,结尾的:/wss 与 /wss/ 好像有区别的,把后面的/加上试试:wss://api.***.city/wss/

  • ichynul 2022-08-14

    和nginx里面的配置有关。
    我的配置类似:
    location /wss/
    {
    }
    那连接的时候就用:wss://api..city/wss/
    网上其他教程没有/结尾
    location /wss
    {
    }
    那连接的时候就用:wss://api..city:/wss

    而且这个地址可以直接使用浏览器打开的: https://api.***.city/wss/

  • echo_class 2022-08-14

    感谢。wss 后面加一斜杠,现在确实可以连接上了。谢谢~

echo_class

完整的 nginx 配置如下:

user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

include /usr/share/nginx/modules/*.conf;

events {
    worker_connections 1024;
}

http {
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 4096;

    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    include /etc/nginx/conf.d/*.conf;
    server{
        listen 80;
        server_name api.***.city;
        root /Apps/***_app/public;
        index index.html index.php;
    if ($http_origin = ""){
                set $http_origin $http_host;
        }
        add_header Access-Control-Allow-Origin $http_origin;
        add_header Access-Control-Allow-Methods $http_access_control_request_method;
        add_header Access-Control-Allow-Credentials true;
        add_header Access-Control-Allow-Headers $http_access_control_request_headers;
        add_header Access-Control-Max-Age 1728000;
    add_header Access-Control-Allow-Origin *;
        if ($request_method = 'OPTIONS') {
                return 204;
        }
     location / {
        try_files $uri $uri/ /index.php;
      }

     location ~* \.php$ {
          root /Apps/***_app/public;
          fastcgi_index index.php;
          fastcgi_pass 127.0.0.1:9000;
          fastcgi_param SCRIPT_FILENAME /Apps/***_app/public/index.php;
          fastcgi_param PATH_INFO $fastcgi_path_info;
          fastcgi_split_path_info ^(.+.php)(.*)$;
          include fastcgi_params;
     }
    }

   server {
       listen                  80;
       listen             443 ssl;
       server_name  api.***.city;
       root /Apps/***_app/public;
       index index.html index.php;
       ssl_certificate     /etc/nginx/cert/api/scs1660289054299_api.***.city_server.crt;
       ssl_certificate_key /etc/nginx/cert/api/scs1660289054299_api.***.city_server.key;
       ssl_session_timeout 10m;
       ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;
       ssl_ciphers    ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;
       ssl_prefer_server_ciphers on;
       add_header Access-Control-Allow-Origin '*';
       add_header Access-Control-Allow-Methods $http_access_control_request_method;
       add_header Access-Control-Allow-Credentials true;
       add_header Access-Control-Allow-Headers $http_access_control_request_headers;
       if ($request_method = 'OPTIONS') {
           return 204;
       }
       location / {
       try_files $uri $uri/ /index.php;
      }
      location ~* \.php$ {
          root /Apps/***_app/public;
          fastcgi_index index.php;
          fastcgi_pass 127.0.0.1:9000;
          fastcgi_param SCRIPT_FILENAME /Apps/***_app/public/index.php;
          fastcgi_param PATH_INFO $fastcgi_path_info;
          fastcgi_split_path_info ^(.+.php)(.*)$;
          include fastcgi_params;      
      }
  }
  server {
    listen 443;
    server_name api.***.city;
    ssl on;
    ssl_certificate     /etc/nginx/cert/api/scs1660289054299_api.***.city_server.crt;
    ssl_certificate_key /etc/nginx/cert/api/scs1660289054299_api.***.city_server.key;
    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_prefer_server_ciphers on;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:HIGH:!aNULL:!MD5:!RC4:!DHE;

    location /wss/
    {
      proxy_redirect off;
      proxy_pass http://127.0.0.1:8282;
      proxy_set_header Host $host;
      proxy_set_header X-Real_IP $remote_addr;
      proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_http_version 1.1;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection upgrade;
      break; 
   }
 }
}
lee9557

location /wss/{
proxy_pass http://127.0.0.1:8282;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Real-IP $remote_addr;
}

wss://www.xxx.com/wss/

这个完全OK
nginx大于1.10

年代过于久远,无法发表回答
×
🔝