ssl off;
http反向代理 vnc 是正常的 ,最后websocket是长连接的。
ssl on:
https反向代理,到最后一步时,没有保持长连接。
这是我的参数配置,感觉没什么问题,请大神指点!
upstream vnc_server{
server 178.37.35.22:6080;
}
server {
listen 443;
server_name nginx-vnc-ssl;
ssl on;
ssl_certificate i.abcloud.pem;
ssl_certificate_key i.jcloud.com.key;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://vnc_server;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_max_temp_file_size 0;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
proxy_set_header Upgrade $http_upgrade; // 这2个websocket必备的 也加了
proxy_set_header Connection "Upgrade";
}