wss协议实际是websocket+SSL,就是在websocket协议上加入SSL层,类似https(http+SSL)
利用nginx代理wss
通讯原理及流程是:
1、客户端发起wss连接连到nginx
2、nginx将wss协议的数据转换成ws协议数据并转发到Workerman的websocket协议端口
3、Workerman收到数据后做业务逻辑处理
4、Workerman给客户端发送消息时,则是相反的过程,数据经过nginx/转换成wss协议然后发给客户端
nginx配置类似如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/server.pem;
ssl_certificate_key /etc/ssl/server.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
location /wss
{
proxy_pass http://127.0.0.1:8282;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header X-Real-IP $remote_addr;
}
# location / {} 站点的其它配置...
}
|
测试
// 证书是会检查域名的,请使用域名连接
ws = new WebSocket("wss://域名/wss");
