WebSocket服务器不适用于SSL [英] WebSocket server does not work with SSL
问题描述
我有一个使用websockets的工作聊天应用程序。我想更进一步,在我的连接上启用加密,但是当我用https打开http服务器时,我的连接开始失败。
I have a working chat application using websockets. I want to go one step further and enable encryption on my connections, however when I switch up the http server with a https one my connections start failing.
我生成了一个我在所有网站上使用的自签名证书(在同一TLD下,这意味着它是通配符证书)。我可以确认它是有效的证书,所以问题不应该存在。
I have generated a self-signed certificate that I use on all of my websites (under the same TLD, which implies it is a wildcard certificate). I can confirm it is a valid certificate, so the problem should not be there.
这是有效的(未加密的)
This is what works (unencrypted)
var webSocketServer = require('websocket').server;
var http = require('http');
var server = http.createServer(function() {});
server.listen(webSocketsServerPort, function () {
log("system", "Server is listening on port " + webSocketsServerPort);
});
var wsServer = new webSocketServer({
httpServer: server
});
使用此我现在可以连接到 ws://my.domain:端口
。
Using this I can now connect to ws://my.domain:port
.
这是不工作
var webSocketServer = require('websocket').server;
var http = require('https');
var fs = require('fs');
var server = http.createServer({
key: fs.readFileSync("path/to/host.key"),
cert: fs.readFileSync("path/to/host.pem")
});
server.listen(webSocketsServerPort, function () {
log("system", "Server is listening on port " + webSocketsServerPort);
});
var wsServer = new webSocketServer({
httpServer: server
});
使用此代码服务器也会启动,我看到日志消息服务器正在侦听...但当我尝试连接 wss://my.domain:port
时,无法建立连接。
With this code the server starts as well, I see the log message "Server is listening.." but when I try to connect at wss://my.domain:port
the connection can not be established.
我在浏览器中为证书添加了一个例外,因为我的客户端页面和websocket服务器地址位于相同的tld和子域下。
I have added an exception in my browser for the certificate because my client page and websocket server address are under the same tld and sub-domain.
可能是什么问题?
推荐答案
不良做法加上糟糕的伐木习惯是导致问题的原因。
Bad practices combined with bad logging habits were the cause of the problem.
在打开新连接时,执行了一项检查以验证请求的来源,该请求已在那里硬编码 http://
并且因为我在请求它从安全页面( https://
),检查不再通过,连接也不可能。
On opening a new connection there was a check performed to validate the origin of the request which had hardcoded http://
in there and since I was requesting it from a secure page (https://
) the check no longer passed and connections were impossible.
这篇关于WebSocket服务器不适用于SSL的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!