千辛萬苦swoole+websocket+textalk+ssl+https
阿新 • • 發佈:2020-08-18
1.配置https
用寶塔整合的Let's Encrypt或https://freessl.cn/申請
2.伺服器配置
開啟websocket埠
nginx配置檔案設定
3.swoole服務端建立websocket伺服器
證書指向
'ssl_cert_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/fullchain.pem',
'ssl_key_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/privkey.pem',
4.textalk建立websocket客戶端,用swoole的客戶端也行,不過不能在url上帶引數,除非用easyswoole
$contextOptions = [
'ssl' => [
'verify_peer' => true, // You could skip all of the trouble by changing this to false, but it's WAY uncool for security reasons.
'cafile' => '/etc/pki/tls/certs/ca-bundle.crt',
'CN_match' => $host, // Change this to your certificates Common Name (or just comment this line out if not needed)'ciphers' => 'HIGH:!SSLv2:!SSLv3',
'disable_compression' => true,
]
];
$option['context'] = stream_context_create($contextOptions);
*證書指向PHP的php.ini中的openssl.cafile的證書路徑,
CA證書下載地址:http://curl.haxx.se/docs/caextract.html
然後修改php.ini檔案
openssl.cafile=D:/wamp/php/verify/cacert.pem
4.修改composer.json中
secure-http為true
否則報
stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
以上