HTTPS與WSS同端口的情況
HTTPS與WSS同端口: 兩者在後端服務的同一端口, eg: 4000;
server {
listen 443 ssl;
server_name api.abc.com;
ssl on;
ssl_certificate /usr/cert/yourpem.pem;
ssl_certificate_key /usr/cert/yourkey.key;
location / {
proxy_pass http://127.0.0.1:4000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
}
}
Note: 證書: 阿里雲上的免費證書
HTTPS與WSS在不同端口的情況
HTTPS與WSS在不同端口, 用SpringBoot+Netty實現的Websocket, SpringBoot服務與Netty服務, 兩者各佔一個端口, 此時需要在接口路由上標明WS的前綴, 以示區分。 eg: HTTPS服務在6000端口, WSS啓動在5000端口;
server {
listen 443 ssl;
server_name api.abc.com;
ssl on;
ssl_certificate /usr/cert/yourpem.pem;
ssl_certificate_key /usr/cert/yourkey.key;
location /ws {
proxy_pass http://127.0.0.1:5000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
}
location / {
proxy_pass https://127.0.0.1:6000;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
}
}
其實, 從上述配置過程中, 可以看出, 對於客戶端過來的請求, Nginx做了一次協議轉換與升級, 這在客戶端發出請求時, 可以進行驗證:
Note: 修改配置後, 記得先刷新配置: nginx -s reload
If you have any questions or any bugs are found, please feel free to contact me.
Your comments and suggestions are welcome!