注意
mac 自带 openssl 所以没必要像 windows 一样先安装 openssl,直接生成即可
生成 ssl/自签名 证书
生成 key
bash
# 生成rsa私钥,des3算法,server_ssl.key是秘钥文件名 1024位强度
openssl genrsa -des3 -out server_ssl.key 1024让输入两次密码,随便,但是两次得是一样的
移除密码
bash
# 这里执行完上一步的密码即已经被移除了
openssl rsa -in server_ssl.key -out server_ssl.key生成 csr
bash
# -new 执行生成新的证书请求
# -key 指定密钥
openssl req -new -key server_ssl.key -out server_ssl.csr-
Country Name (2 letter code) [
国家]:CN -
State or Province Name (full name) [
省份]:Beijing -
Locality Name (eg, city) [
城市]:Beijing -
Organization Name (eg, company) [
组织/公司]:zgp -
Organizational Unit Name (eg, section) [
部门/单位]:zgp -
Common Name (eg, fully qualified host name) [
域名]:test.zgp.cn -
Email Address [
邮箱]:demo@outlook.com -
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password [
上一步已经移除,直接回车即可]:
生成证书
bash
# x509 根据现有的证书请求生成自签名根证书
# -days 设置证书的有效天数
# -in 指定输入证书请求文件
openssl x509 -req -days 365 -in server_ssl.csr -signkey server_ssl.key -out server_ssl.crt执行过程截图
创建 nodejs 的 https/wss 服务
创建 express 项目就不多说了,自行查看:nodejs+express自动生成项目
express 文档地址https://www.expressjs.com.cn/starter/generator.html
修改的 bin/www 文件
js
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../app');
var debug = require('debug')('express-io:server');
const fs = require('fs');
const path = require('path');
// var http = require('http');
var https = require('https');
// 引入 socket.io
const { Server } = require('socket.io')
/**
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '3001');
app.set('port', port);
/**
* Create HTTPS server.
* 加上 ssl 证书
*/
const httpsOption = {
key: fs.readFileSync(path.resolve(__dirname, "../certificate/server_ssl.key")),
cert: fs.readFileSync(path.resolve(__dirname, "../certificate/server_ssl.crt"))
}
var server = https.createServer(httpsOption, app);
// 创建 websocket 服务器代码
const io = new Server(server, {
cors: {
origin: "*"
}
});
// 客户端连接成功会输出连接 id 以及 客户端传惨 query
io.on('connection', (socket)=>{
console.log(socket.id)
console.log(socket.handshake.query)
})
/**
* Listen on provided port, on all network interfaces.
*/
server.listen(port, () => {
console.log(`server listening on port: ${port}`)
});
server.on('error', onError);
server.on('listening', onListening);
/**
* Normalize a port into a number, string, or false.
*/
function normalizePort(val) {
var port = parseInt(val, 10);
if (isNaN(port)) {
// named pipe
return val;
}
if (port >= 0) {
// port number
return port;
}
return false;
}
/**
* Event listener for HTTP server "error" event.
*/
function onError(error) {
if (error.syscall !== 'listen') {
throw error;
}
var bind = typeof port === 'string'
? 'Pipe ' + port
: 'Port ' + port;
// handle specific listen errors with friendly messages
switch (error.code) {
case 'EACCES':
console.error(bind + ' requires elevated privileges');
process.exit(1);
break;
case 'EADDRINUSE':
console.error(bind + ' is already in use');
process.exit(1);
break;
default:
throw error;
}
}
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
debug('Listening on ' + bind);
}创建个客户端测试
html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<script src="https://cdn.socket.io/4.4.1/socket.io.min.js" integrity="sha384-fKnu0iswBIqkjxrhQCTZ7qlLHOFEgNkRmK2vaO/LbTZSXdJfAu6ewRBdwHPhBo/H" crossorigin="anonymous"></script>
<title>Document</title>
</head>
<body>
<script>
(()=>{
const socket = io('wss://localhost:3001', {
autoConnect: false,
query: {
openid: 'sajfklsadjflkdsa'
}
})
socket.connect()
socket.on("connect", ()=>{
console.log(socket.id)
})
socket.io.on('close', ()=>{
console.log('close');
})
})()
</script>
</body>
</html>
