如何从 ssl 网站通过 https 加载 socketio?

How to load socketio over https from ssl website?

我在端口 3001 上成功地建立了一个 HTTP nodejs/socketio 服务器 运行。我正在尝试从使用 certbot 加密的 SSL 网站访问服务器(让我们加密)。

当我访问 https//:example.com/index.html 时,我看到 404 错误:

GET https://www.example.com:8000/socket.io/socket.io.js net::ERR_ABORTED 404 (Not Found)

我一直在阅读有关使用 mod_proxy here and here. HOWEVER, according to nodejs documentation 配置 apache 的内容,我所需要的只是我拥有的 pem 文件。

我觉得我在追自己的尾巴,我需要帮助。我花了将近一周的时间进行研究并尝试不同的方法。我回到一号广场。有人 运行 一个 https 服务器并成功通过 SSL 网站访问它吗?下面是所有相关代码。

server.js

const express = require('express');
const app = express();
const https = require('https');
const fs = require('fs');

// This line is from the Node.js HTTPS documentation.
var options = {
    key: fs.readFileSync('../ssl/privkey.pem'),//etc/letsencrypt/
    cert: fs.readFileSync('../ssl/cert.pem')
  };

const sslserver = https.createServer(options,app);

//establish connection
io.on('connection', (socket) => {

//requests

});

//listening for https
sslserver.listen(8000, () => {
console.log('listening on *: 8000');
});

index.html

<!DOCTYPE html>
<html>

<head>

<title>My Web App </title>

<meta charset="utf-8">
<meta name="format-detection" content="telephone=no">
<meta name="msapplication-tap-highlight" content="no">
<meta name="viewport" content="initial-scale=1, width=device-width, viewport-fit=cover">
<meta name="color-scheme" content="light dark">
</head>

<body >


<p>Welcome to web app</p>
<p>login now</p>

</body>

</html>
<!--SCRIPTS-->
<script src="cordova.js"></script>
<script src="https://www.example.com:8000/socket.io/socket.io.js"></script>
<script type="text/javascript">
var socket = io.connect('https://www.example.com:8000', {'multiplex': false});
</script>

如果您在 server.js 中使用凭据,您应该在端口 443 上侦听。否则,您只需要在自定义端口上侦听,然后为其创建反向代理。

例如:

server.js(直接听443/80)

const express = require('express');
const app = express();
var http = require('http');
const https = require('https');
const fs = require('fs');

// This line is from the Node.js HTTPS documentation.
var options = {
    key: fs.readFileSync('../ssl/privkey.pem'), //etc/letsencrypt/
    cert: fs.readFileSync('../ssl/cert.pem')
};

const port = process.env.PORT || 80;
const sercure_port = 443;

// use on server with https

var httpServer = http.createServer((req, res) => {
    res.writeHead(301, { Location: `https://${req.headers.host}${req.url}` });
    res.end();
});
http.createServer(function (req, res) {
    res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url});
res.end();
})
var httpsServer = https.createServer(options, app);

const io_server = require('socket.io')(httpsServer);

httpServer.listen(port, () => {
    console.log('http server listening on port ' + port);
});

httpsServer.listen(sercure_port, () => {
    console.log('https server listening on port ' + sercure_port);
});

server.js(在自定义端口监听)

const express = require('express');
const app = express();
const http = require('http');
const fs = require('fs');
var options = {
    key: fs.readFileSync('../ssl/privkey.pem'), //etc/letsencrypt/
    cert: fs.readFileSync('../ssl/cert.pem')
};
var port = process.env.PORT || 8080;

http.createServer(function (req, res) {
    res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url});
    res.end();
})
var httpsServer = http.createServer(options, app);

const io_server = require('socket.io')(httpsServer);

httpsServer.listen(port, () => {
    console.log('https server listening on port ' + port);
});

NGINX 储备代理

server {
    listen       443 ssl http2;
    listen       [::]:443 ssl http2;
    server_name yourdomain.com www.yourdomain.com;
    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;
    

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header Host $host;
    }

    ssl_certificate path-to-crt.crt;
    ssl_certificate_key path-to-key.key;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on;
    ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';

   #Load configuration files for the default server block.
   include /etc/nginx/default.d/*.conf;

   error_page 404 /404.html;
       location = /40x.html {
   }

   error_page 500 502 503 504 /50x.html;
       location = /50x.html {
   }
}