5

我正在尝试通过 ssl 连接使用 socket.io 设置服务器到服务器的链接。这是我的例子:

/**
 * Server
 */


var app = require('express')();
var config = require('./config');
var https = require('https');
var http = require('http');
var fs = require('fs');
var server = https.createServer({key: fs.readFileSync(config.ssl.key), cert: fs.readFileSync(config.ssl.cert), passphrase: config.ssl.passphrase}, app);
//var server = http.createServer(app);
var io = require('socket.io').listen(server);

server.listen(config.port);

app.get('/', function (req, res) {
    res.send('Server');
  //res.sendfile(__dirname + '/index.html');
});

io.sockets.on('connection', function (socket) {
  socket.emit('news', { hello: 'world' });
  socket.on('my other event', function (data) {
    console.log(data);
  });
});



/**
 * Client
 */


var io = require('socket.io-client');
//var socket = io.connect('http://localhost', {port: 8088});
var socket = io.connect('https://localhost', {secure: true, port: 8088});
  socket.on('connect', function(){
    socket.on('event', function(data){});
    socket.on('disconnect', function(){});
  });

该代码在没有 SSL 的情况下运行良好。我怀疑这可能是我的自签名证书未被接受,但我不知道如何让客户接受它。

我可以接受自签名 SSL 证书,还是可以采取其他方法?

4

4 回答 4

15

我必须在客户端上做一些不同的事情才能让它工作,通过手动告诉 socket.io 也使用该代理(并且由secure: true暗示https:)。这里是:

// Client
var io = require('socket.io-client');
var https = require('https');
https.globalAgent.options.rejectUnauthorized = false;
var socket = io.connect('https://localhost:3210/', { agent: https.globalAgent });
socket.on('connect', function(){ console.log('connected'); });

这是使用 socket.io v1.0.2。

或者,我在以下方面也取得了成功,正如这里所指出的:Socket.io + SSL + self-signed CA certificate gives error when connected

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';
var io = require('socket.io-client');
var socket = io.connect('https://localhost:3210/');
socket.on('connect', function(){ console.log('connected'); });
于 2014-06-16T00:51:56.957 回答
9

经过更多搜索后,在客户端中添加它使其工作:

要求('https').globalAgent.options.rejectUnauthorized = false;

/**
 * Client
 */


var io = require('socket.io-client');
//var socket = io.connect('http://localhost', {port: 8088});

require('https').globalAgent.options.rejectUnauthorized = false; 

var socket = io.connect('https://localhost', {secure: true, port: 8088});
  socket.on('connect', function(){
    socket.on('event', function(data){});
    socket.on('disconnect', function(){});
  });
于 2014-02-08T20:24:27.743 回答
5

以前的答案对我没有用。require('https').globalAgent总是undefined

做了一些搜索并rejectUnauthorized在文档(https://nodejs.org/api/tls.html)中找到了参数。不确定它是否与 SocketIO 有关,但它似乎可以与自签名证书一起使用:

var socket = io.connect('//yourhost:8000', {secure: true, rejectUnauthorized: false})

secure: true可能是可选的,但无论如何我都喜欢强制执行。

于 2016-04-29T09:34:15.030 回答
0

虽然上述所有解决方案都集中在rejectUnauthorized=false,但我想提出一个替代方案。

const https = require('https');
const rootCas = require('ssl-root-cas').create();
rootCas.addFile('cert/ca.crt');
https.globalAgent.options.ca = rootCas; // optional

const io = require("socket.io-client");
var socket = io.connect("https://...", { agent: https.globalAgent });
于 2018-06-13T05:22:03.757 回答