通过SSL使用Socket.io Node.js的网关错误

Question

I previously had a Socket.io script running fine over http, but upgrading to https has broken it. I have installed the cert on the server but no luck. The code for the server setup is:

var https = require('https'),
    fs =    require('fs');

var options = {
    key:    fs.readFileSync('/etc/nginx/ssl/default/54082/server.key'),
    cert:   fs.readFileSync('/etc/nginx/ssl/default/54082/server.crt')
};
var app = https.createServer(options);

var io = require('socket.io').listen(app);

However in the web browser the page fails to connect to it and the console shows a the server responded with a status of 502 (Bad Gateway) response.

Any ideas on if the script set up is wrong? Or perhaps something in the Nginx setup?

Many thanks

Edit: The front end code I'm using to connect:

<script type="text/javascript" src="https://socket.example.com/socket.io/socket.io.js"></script>
<script>
var io = io('https://socket.example.com', { secure: true });
</script>

Edit:: Nginx config:

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/socket.example.co.uk/before/*;

server {
    listen 443 ssl;
    server_name socket.example.co.uk;
    root /home/forge/socket.example.co.uk;

    # FORGE CONFIG (DOT NOT REMOVE!)
    include forge-conf/socket.example.co.uk/server/*;

    location / {    
        proxy_pass https://socket.example.co.uk:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

}

# FORGE CONFIG (DOT NOT REMOVE!)
include forge-conf/socket.example.co.uk/after/*;

Answer 1

1. make sure that your domain points to your server.
2. make sure that an nginx server block is running for your domain with ssl enabled.
3. remove any location blocks from your nginx config attempting to proxy to the port you are running your socket.io server on.
4. make sure your ssl certificate is valid.
5. connect with io.connect() instead of the way you are doing. leave out the protocol portion of the url ( https:// ).
6. use sudo killall -9 node from the commandline to kill any zombie processes that might be lingering and bound to your port. this sometimes happens with socket.io when it fails to shutdown properly.

example from my own code:

var socket = io.connect('dev.somedomain.com:3000',{secure:true});

server example from my own domain:

var fs = require('fs'),
    https = require('https'),
    config = JSON.parse(fs.readFileSync('./config.json','utf-8')),
    serverOpts = {
        key: fs.readFileSync(config.server.key),
        cert: fs.readFileSync(config.server.cert)
    },
    server = https.createServer(serverOpts,function(req,res){}),
    io = require('socket.io').listen(server);

io.on('connection', function(socket){
   console.log('houston, we have lift off');
});

server.listen(config.port, function(){
    log('listening on *:%d',config.port);
});

obviously i'm reading the path to my certificate and key file from a config.json file but you should get the idea right?

Answer 2

The 502 (Bad Gateway) indicates that the nginx service tried to contact the proxy server but failed. The line in the nginx config

 proxy_pass https://socket.example.co.uk:3000;

seems to be the issue. Could not see from your nodejs code that the port 3000 is being used.

Answer 3

我有同样的问题，但是使用apache2，我通过将这行添加到我的vhost配置中解决了这个问题

SSLProxyEngine on SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off