Nginx 配置与 检测WSS 示例

Message Websocket 的 SSL 代理服务

# php messageWorker.php -d start 守护进程方式启动 Websocket, 其它 start,restart,stop, ps -aux | grep messageWoker
# 测试 https://demo.yiparts.debian/wss 是否正常有返回页面
# 使用域名连接 wss://demo.yiparts.debian/wss
# 如果还是连接失败, 检查域名白名单 cfg('websocket>whiteList')
注意: $connection->onWebSocketConnect 中可能存在 域名白名单 判断
location /wss 这条规则建立放在所规则的最前面，这样就不会被别的规则给覆盖了

    listen 443 ssl;

    ssl_certificate /home/qg/ssl/certs/demo.yiparts.debian.crt;
    ssl_certificate_key /home/qg/ssl/certs/demo.yiparts.debian.key;

    ssl_session_timeout 5m;
    ssl_session_cache shared:SSL:50m;
    ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

    location /wss
    {
        proxy_pass http://127.0.0.1:8181; # swoole 或 workerman 提供的 Websocket 监听地址:端口
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_set_header X-Real-IP $remote_addr; # 透传真实客户端ip, $_SERVER['HTTP_X_REAL_IP']
    }