TLS-WebSocket连接失败“ HTTP:TLS握手错误[...]:远程错误:TLS:未知证书;
我的问题是,当客户端(在NGINX WebServer上运行的svelte/node.js应用程序)连接到我的服务器时,我的Websocket连接每次都会失败。
Golang/Gorilla Server:
func (s Server) Init() {
s.Sessions = make(map[string]*Session)
go http.HandleFunc("/", s.handler)
err := http.ListenAndServeTLS(":4000", "tls/cert.pem","tls/key.pem" , nil)
if err != nil {
fmt.Println(err)
}
}
“ err”输出:http:tls握手错误来自[...]:远程错误:tls:未知证书
我使用的是我在我的letsencrypt上创建的相同证书Nginx Web服务器,用于WebServer和浏览器之间的TLS连接。 我相信这与我对TLS认证的不存在的知识有关。
先感谢您!
nginx配置
server {
root /home/ubuntu/actions-runner/_work/client/client/public;
index index.html index.htm index.nginx-debian.html;
server_name myserver.io www.myserver.io; # managed by Certbot
location / {
proxy_http_version 1.1; # FOR WEBSOCKET PROTOCOL
proxy_set_header Upgrade $http_upgrade; # FOR WEBSOCKET PROTOCOL
proxy_set_header Connection "upgrade"; # FOR WEBSOCKET PROTOCOL
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myserver.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myserver.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = www.myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name myserver.io www.myserver.io;
return 404; # managed by Certbot
}
My problem is that my websocket connection fails everytime when a client (a svelte/node.js application running on a NGINX webserver) connects to my server.
Golang/Gorilla Server:
func (s Server) Init() {
s.Sessions = make(map[string]*Session)
go http.HandleFunc("/", s.handler)
err := http.ListenAndServeTLS(":4000", "tls/cert.pem","tls/key.pem" , nil)
if err != nil {
fmt.Println(err)
}
}
"err" outputs: http: TLS handshake error from [...] : remote error: tls: unknown certificate
I'm using the same certificate that I created with letsencrypt on my NGINX webserver, that is used for a tls connection between webserver and browser.
I believe it has something to do with my non-existent knowledge about tls certifcates.
Thank you in advance!
NGINX config
server {
root /home/ubuntu/actions-runner/_work/client/client/public;
index index.html index.htm index.nginx-debian.html;
server_name myserver.io www.myserver.io; # managed by Certbot
location / {
proxy_http_version 1.1; # FOR WEBSOCKET PROTOCOL
proxy_set_header Upgrade $http_upgrade; # FOR WEBSOCKET PROTOCOL
proxy_set_header Connection "upgrade"; # FOR WEBSOCKET PROTOCOL
try_files $uri $uri/ =404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/myserver.io/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/myserver.io/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}server {
if ($host = www.myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = myserver.io) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 ;
listen [::]:80 ;
server_name myserver.io www.myserver.io;
return 404; # managed by Certbot
}
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论