千辛万苦swoole+websocket+textalk+ssl+https

1.配置https

用宝塔集成的Let's Encrypt或https://freessl.cn/申请

2.服务器配置

开启websocket端口

nginx配置文件设置

3.swoole服务端创建websocket服务器

证书指向

'ssl_cert_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/fullchain.pem',
'ssl_key_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/privkey.pem',

4.textalk创建websocket客户端,用swoole的客户端也行,不过不能在url上带参数,除非用easyswoole

$contextOptions = [
'ssl' => [
'verify_peer' => true, // You could skip all of the trouble by changing this to false, but it's WAY uncool for security reasons.
'cafile' => '/etc/pki/tls/certs/ca-bundle.crt',
'CN_match' => $host, // Change this to your certificates Common Name (or just comment this line out if not needed)
'ciphers' => 'HIGH:!SSLv2:!SSLv3',
'disable_compression' => true,
]
];

$option['context'] = stream_context_create($contextOptions);

*证书指向PHP的php.ini中的openssl.cafile的证书路径,

CA证书下载地址:http://curl.haxx.se/docs/caextract.html

然后修改php.ini文件

openssl.cafile= D:/wamp/php/verify/cacert.pem

4.修改composer.json中
secure-http为true
否则报

stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed

 

以上

posted on 2020-08-18 17:09  caigan  阅读(638)  评论(0编辑  收藏  举报