我在我的服务器上使用 Ratchet websocket。它在没有 SSL 的情况下运行良好,但我需要让它与 SSL 一起工作。
我读过这个stackoverflow post .不幸的是,我的 PAAS 支持不使用 httpd.conf。他们建议我直接在 .htaccess 中添加 ProxyPass。
Regarding adding the following line in httpd.conf file then here I would like to inform that we are not using httpd on the server as server is Debian based and we are using Apache web server. I believe you can use the same line in htaccess file or it would be better if you can consult with the developer regarding this.
# ProxyPass for Ratchet with SSL
ProxyPass /wss2/ ws://127.198.132.141:8000/
# Preventing the app from being indexed
Header set X-Robots-Tag "noindex, nofollow"
# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
DirectoryIndex app.php
# By default, Apache does not evaluate symbolic links if you did not enable this
# feature in your server configuration. Uncomment the following line if you
# install assets as symlinks or if you experience problems related to symlinks
# when compiling LESS/Sass/CoffeScript assets.
# Options FollowSymlinks
# Disabling MultiViews prevents unwanted negotiation, e.g. "/app" should not resolve
# to the front controller "/app.php" but be rewritten to "/app.php/app".
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
[...]
不幸的是,添加 ProxyPass/wss2/ws://127.198.132.141:8000/使服务器崩溃,就好像 .htaccess 不正确一样。
您有任何解决方案或提示吗?
更新:
据我所知,我们不能在 .htaccess 中使用 ProxyPass,它应该只在服务器配置或虚拟主机配置中使用。
我试图向支持人员解释,但他们似乎不明白。
So apparently it is forbidden to use ProxyPass in .htaccess.
"ProxyPass and ProxyPassReverse are available only in the server config and virtual host contexts."
Therefore if you can't add this line in the server config, could it be added in the virtual host contexts?
他们的回答:
As I have again reviewed all the settings on the server level which includes the Apache modules and Firewall rules to make the Ratchet websockets able to run on the server also the rules which we have added in Firewall indicates that all the traffic from outside is allowed on the port 8000 and I believe which should be sufficient to allow outside connections for websocket.
As of now, it seems like you are trying to make the connection using the different port (in case of https). As we have reviewed the server settings and configurations and all seems to be good.
It would be highly appreciated if you can involves the developer in this process so he can guide you better as he know the code level things much better.
现在尝试连接 wss 将抛出:
WebSocket connection to 'wss://127.198.132.141/wss2/' failed: WebSocket opening handshake was canceled
虽然将 http 与 ws 一起使用效果很好。
最佳答案
在你的虚拟主机中添加:
ProxyPass/wss2/ws://yourdomain.xxx:8888/
(尝试使用端口 8888)
不要忘记重启apache服务
虚拟主机示例:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
SSLCertificateFile /etc/letsencrypt/live/yourdomain.xxx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.xxx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName yourdomain.xxx
ProxyPass /wss2/ ws://yourdomain.xxx:8888/
</VirtualHost>
</IfModule>
在这里你可以找到一个完整的工作示例 https://github.com/ratchetphp/Ratchet/issues/100
关于apache - Ratchet 网络套接字 SSL,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/38653481/