SSL 上的 PHP websocket 与 proxy_wsTunnel - Apache
Posted
技术标签:
【中文标题】SSL 上的 PHP websocket 与 proxy_wsTunnel - Apache【英文标题】:PHP websocket on SSL with proxy_wsTunnel - Apache 【发布时间】:2017-03-13 12:50:31 【问题描述】:我有一个 php websocket 服务器正在运行,但我想通过 https 连接到它。这是我的 JS:var conn = new WebSocket('wss://81.169.228.159:3671/wss2');
这是我的 apache 配置:
ProxyPass /wss2/ ws://domain:3671/
我启用了proxy
和proxy_wstunnel
。
那么,我做错了什么?
错误日志:
[Mon Mar 13 04:38:04.228450 2017] [mpm_prefork:notice] [pid 6683] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 04:38:04.228471 2017] [core:notice] [pid 6683] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 12:42:39.475641 2017] [:error] [pid 12432] [client 195.169.9.201:8546] script '/var/www/html/luukwuijster.io/phpinfo.php' not found or unable to stat
[Mon Mar 13 12:56:25.370986 2017] [mpm_prefork:notice] [pid 6683] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 12:56:26.539948 2017] [mpm_prefork:notice] [pid 26932] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 12:56:26.539972 2017] [core:notice] [pid 26932] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:06:36.280229 2017] [mpm_prefork:notice] [pid 26932] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:06:37.473220 2017] [mpm_prefork:notice] [pid 27256] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:06:37.473248 2017] [core:notice] [pid 27256] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:19:52.144983 2017] [mpm_prefork:notice] [pid 27256] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:19:53.235045 2017] [mpm_prefork:notice] [pid 27775] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:19:53.235083 2017] [core:notice] [pid 27775] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:22:21.467607 2017] [mpm_prefork:notice] [pid 27775] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:22:22.618416 2017] [mpm_prefork:notice] [pid 27911] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:22:22.618455 2017] [core:notice] [pid 27911] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:28:08.356148 2017] [mpm_prefork:notice] [pid 27911] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:28:09.546926 2017] [mpm_prefork:notice] [pid 28540] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:28:09.546964 2017] [core:notice] [pid 28540] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:35:26.856446 2017] [mpm_prefork:notice] [pid 28540] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:35:28.532498 2017] [mpm_prefork:notice] [pid 29153] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:35:28.532541 2017] [core:notice] [pid 29153] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 13:46:19.084561 2017] [ssl:error] [pid 29170] [client 208.93.152.93:54712] AH02042: rejecting client initiated renegotiation
[Mon Mar 13 13:57:14.410892 2017] [mpm_prefork:notice] [pid 29153] AH00169: caught SIGTERM, shutting down
[Mon Mar 13 13:57:16.465381 2017] [mpm_prefork:notice] [pid 29927] AH00163: Apache/2.4.18 (Ubuntu) OpenSSL/1.0.2g configured -- resuming normal operations
[Mon Mar 13 13:57:16.465424 2017] [core:notice] [pid 29927] AH00094: Command line: '/usr/sbin/apache2'
[Mon Mar 13 14:00:03.312882 2017] [:error] [pid 29936] [client 81.169.228.159:33706] PHP Notice: Undefined index: text in /var/www/html/luukwuijster.io/slack/cronofy/huiswerk.php on line 9
【问题讨论】:
证书是基于域的,不能使用 IP 地址。 我现在将其更改为我的域。它仍然无法正常工作 你检查过你的错误日志吗? 是的,我做到了,或者至少,我检查了 access.log。而且里面没有任何用处 检查error.log 【参考方案1】:我假设您有一个React\Socket\Server
正在侦听端口8080
(又名php push-server.php
)。棘轮网站上的教程应该可以帮助您了解这一点。
我还假设您已经配置并加载了问题中提到的 proxy
和 proxy_wstunnel
apache 模块。
以下是我个人用来实现 WebSocket 连接的配置。
我使用/ws/
而不是教程中提到的/wss2/
以获得更好看的URL。根据需要随意调整配置。
Apache 配置
#SSL (Secure)
<VirtualHost *:443>
DocumentRoot /FILE_PATH_TO_WEBROOT
ServerName local.sitename.com
ServerAlias local.sitename.com
<Directory /FILE_PATH_TO_WEBROOT>
Options FollowSymLinks
AllowOverride all
php_flag display_errors On
Require all granted
</Directory>
SSLCertificateFile /etc/httpd/ssl/.crt
SSLCertificateKeyFile /etc/httpd/ssl/.key
ProxyRequests Off
ProxyPass "/ws/" "ws://local.sitename.com:8080/"
</VirtualHost>
#NON-SSL (Insecure)
<VirtualHost *:80>
DocumentRoot /FILE_PATH_TO_WEBROOT
ServerName local.sitename.com
ServerAlias local.sitename.com
<Directory /FILE_PATH_TO_WEBROOT>
Options FollowSymLinks
AllowOverride all
php_flag display_errors On
Require all granted
</Directory>
ProxyRequests Off
ProxyPass "/ws/" "ws://local.sitename.com:8080/"
</VirtualHost>
安全的 JavaScript 套接字连接
var conn = new WebSocket('wss://local.sitename.com/ws/');
不安全的 JavaScript 套接字连接
var conn = new WebSocket('ws://local.sitename.com/ws/');
【讨论】:
是的!谢谢!这比我自己的“解决方案”要好得多。它完美地工作以上是关于SSL 上的 PHP websocket 与 proxy_wsTunnel - Apache的主要内容,如果未能解决你的问题,请参考以下文章
Letsencrypt SSL证书上的WebSocket连接失败
带有 Apache 服务器 SSL 的 php 中的 Websocket
AWS 应用程序负载均衡器上的 Websocket + SSL