Q1: 通过nginx部署vue工程时,Springboot使用webSocket(spring-boot-starter-websocket)造成经常连接失败的问题
A1:Nginx反向代理要支持WebSocket,需要配置几个header,否则连接时会报404
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 3600s;//这个时间不长的话就容易断开连接
Q2: 如何把系统变成使用SSL证书的访问协议https
A2: 需要按一下思路进行:(假定nginx网页和oss图片资源)
- 申请与域名绑定的SSL证书
- 然后下载SSL证书的nginx版本
- 申请与oss绑定的SSL证书
- oss端添加相关的域名记录
- nginx配置修改:证书文件安装
nginx.conf
http{
server {
###HTTPS的配置开始####
listen 443 ssl;
ssl_certificate /etc/nginx/cert/cert.pem;
ssl_certificate_key /etc/nginx/cert/cert.key;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2; #按照这个协议配置
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_prefer_server_ciphers on;
###HTTPS的配置结束####
}
}
- nginx中加入websocket的https版本 nginx.conf
http {
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream wsbackend{
server ip:port;
keepalive 1000;
}
server {
location /wss {
proxy_pass http://wsbackend; #通过配置端口指向部署websocker的项目
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
rewrite /wss/(.*) /$1 break;
proxy_redirect off;
}
}
}
- web的websocket的连接代码如下:
wss://域名/wss/socket/message
WebSocketServer.java
@ServerEndpoint(value = "/socket/message/{id}",subprotocols = {"protocol"})