版权声明:本文为博主原创文章,转载请注明出处:http://blog.csdn.net/sinat_34820292 https://blog.csdn.net/sinat_34820292/article/details/81462447
1. 题外话:可以用nginx或者apache使用 https到http的代理,实现把wss服务代理到ws
server {
listen 443;
server_name test.xxxx.com;
access_log logs/test.xxxx.log main;
ssl on;
ssl_certificate /etc/test.xxxx.com.cer; # 这里是服务端的证书路径
ssl_certificate_key /etc/test.xxxx.com.key; # 这里是秘钥路径
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 SSLv2 SSLv3;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
ssl_verify_client off;
location / {
proxy_redirect off;
proxy_pass http://127.0.0.1:7474; //主机上的ws服务端口
proxy_set_header Host $host;
proxy_set_header X-Real_IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr:$remote_port;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection “upgrade”;
}
}
2. 比较简单易用的一个websocket java客户端 https://github.com/TooTallNate/Java-WebSocket 不支持wss(也许只是我不会用),所以参考网上的方法,稍加修改封装了一个支持wss的客户端,代码如下:
package com.cdr.wsc;
import java.net.URI;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.java_websocket.client.DefaultSSLWebSocketClientFactory;
import org.java_websocket.client.WebSocketClient;
import org.java_websocket.drafts.Draft;
abstract class SimpleWss extends WebSocketClient {
public SimpleWss(URI serverURI) {
super(serverURI);
if(serverURI.toString().contains("wss://"))
trustAllHosts(this);
}
public SimpleWss(URI serverURI,Draft draft) {
super(serverURI,draft);
if(serverURI.toString().contains("wss://"))
trustAllHosts(this);
}
final static HostnameVerifier DO_NOT_VERIFY = new HostnameVerifier() {
public boolean verify(String hostname, SSLSession session) {
return true;
}
};
static void trustAllHosts(SimpleWss appClient) {
System.out.println("wss");
TrustManager[] trustAllCerts = new TrustManager[]{new X509TrustManager() {
public java.security.cert.X509Certificate[] getAcceptedIssuers() {
return new java.security.cert.X509Certificate[]{};
}
@Override
public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
// TODO Auto-generated method stub
}
@Override
public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException {
// TODO Auto-generated method stub
}
}};
try {
SSLContext sc = SSLContext.getInstance("TLS");
sc.init(null, trustAllCerts, new java.security.SecureRandom());
appClient.setWebSocketFactory(new DefaultSSLWebSocketClientFactory(sc));
} catch (Exception e) {
e.printStackTrace();
}
}
}
这里封装得到的SimpleWss和WebSocketClient的用法基本一致,如:
import java.net.URI;
import java.net.URISyntaxException;
import org.java_websocket.handshake.ServerHandshake;
public class EscTest {
public static String initmsg = "{'cmd':'login','data':{'username':'xinji','password':'PASSWORD'}}"
.replaceAll("'", "\"").replaceAll("PASSWORD", "1402");
public static void main(String[] args) throws URISyntaxException {
new SimpleWss(new URI("wss://tjpu.edu.org/websocket")) {
@Override
public void onClose(int arg0, String arg1, boolean arg2) {
System.out.println("onClose");
}
@Override
public void onError(Exception arg0) {
System.out.println("onError");
}
@Override
public void onMessage(String arg0) {
System.out.println("onMessage");
this.send(arg0);
}
@Override
public void onOpen(ServerHandshake arg0) {
System.out.println("onOpen");
this.send(initmsg);
}}.connect();
}
}