通过 WSS 连接到在本地网络上运行的 Polkadot Full Node 失败

Posted

技术标签:

【中文标题】通过 WSS 连接到在本地网络上运行的 Polkadot Full Node 失败【英文标题】:Connect via WSS to Polkadot Full Noder running on local network failed 【发布时间】:2020-12-28 16:03:23 【问题描述】:

我已经设置了一个在 192.168.2.254 的本地服务器上运行的完整节点。我只是想制作一个简单的脚本,基本上是订阅区块链上的新人头。

const  ApiPromise, WsProvider  = require('@polkadot/api');

async function main () 
  const wsProvider = new WsProvider('wss://192.168.2.254:9944');
  const api = await ApiPromise.create( provider: wsProvider );

  let count = 0;

  const unsubscribe = await api.rpc.chain.subscribeNewHeads((header) => 
    console.log(`Chain is at block: #$header.number`);

    if (++count === 256) 
      unsubscribe();
      process.exit(0);
    
  );


main().catch(console.error);

在服务器上,我还按照 Polkadot wiki 的建议使用自签名 ssl 证书设置了 nginx。这是块配置:

server 
        server_name 192.168.2.254

        root /var/www/html;
        index index.html;

        location / 
                try_files $uri $uri/ =404;

                proxy_pass http://localhost:9944;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header Host $host;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        

        listen [::]:443 ssl ipv6only=on;
        listen 443 ssl;
        ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt;
        ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key;

        ssl_session_cache shared:cache_nginx_SSL:1m;
        ssl_session_timeout 1440m;

        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        ssl_ciphers "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS";

        ssl_dhparam /etc/ssl/certs/dhparam.pem;

如果我直接在服务器上运行脚本,默认情况下没有配置提供程序(它将使用 ws://127.0.0.1:9944),没有问题。但是当我在本地机器上运行它以指向 wss://192.168.2.254:9944 时,输出是 connection failed with code 1006:

nodelistenToBlock.js ─╯

2020-09-10 14:19:29          API-WS: disconnected from ws://192.168.2.254:9944 code: '1006' reason: 'connection failed'
_Event 
  type: 'error',
  isTrusted: false,
  _yaeti: true,
  target:
   W3CWebSocket 
     _listeners: ,
     addEventListener: [Function: _addEventListener],
     removeEventListener: [Function: _removeEventListener],
     dispatchEvent: [Function: _dispatchEvent],
     _url: 'ws://192.168.2.254:9944',
     _readyState: 3,
     _protocol: undefined,
     _extensions: '',
     _bufferedAmount: 0,
     _binaryType: 'arraybuffer',
     _connection: undefined,
     _client:
      WebSocketClient 
        _events: [Object: null prototype] ,
        _eventsCount: 0,
        _maxListeners: undefined,
        config: [Object],
        _req: null,
        protocols: [],
        origin: undefined,
        url: [Url],
        secure: false,
        base64nonce: 'cUJFFas2Ec3aN5YlHSxehg==' ,
     onclose: [Function: value],
     onerror: [Function: value],
     onmessage: [Function: value],
     onopen: [Function: value] ,
  cancelable: true,
  stopImmediatePropagation: [Function] 
2020-09-10 14:19:30          API-WS: disconnected from ws://192.168.2.254:9944 code: '1006' reason: 'connection failed'
2020-09-10 14:19:31          API-WS: disconnected from ws://192.168.2.254:9944 code: '1006' reason: 'connection failed'

在浏览器中接受未经验证的证书后,我还尝试使用 https://polkadot.js.org/apps/#/explorer 并将开发端点设置为 wss://192.168.2.254 成功。

我最好的猜测是本地机器上的脚本连接也需要接受未经验证的证书,但我找不到任何文件来帮助解决这个问题。感谢您的帮助!

【问题讨论】:

【参考方案1】:

在端点 url,提供端口 9944 是错误的,因为 wss 始终默认使用端口 443。

我通过运行脚本解决了这个问题

NODE_TLS_REJECT_UNAUTHORIZED=0 node listenToBlock.js

对于开发环境来说似乎是一个不错的解决方法。

【讨论】:

以上是关于通过 WSS 连接到在本地网络上运行的 Polkadot Full Node 失败的主要内容,如果未能解决你的问题,请参考以下文章

WebSocket 连接到“wss://”失败:意外响应代码:500

我可以使用安全 WebSocket (wss) 连接到本地 Windows 服务应用程序吗

通过本地网络连接到 WSL2 服务器

如何在网络计算机上连接到 SQL Server 2017(即监听本地端口)

如何通过 wss 快速连接到 MQTT?

无法连接到 wss [更新]