1.配置https
用宝塔集成的Let's Encrypt或https://freessl.cn/申请
2.服务器配置
开启websocket端口
nginx配置文件设置
3.swoole服务端创建websocket服务器
证书指向
'ssl_cert_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/fullchain.pem',
'ssl_key_file' => '/www/server/panel/vhost/cert/loop812asktest.812ask.com/privkey.pem',
4.textalk创建websocket客户端,用swoole的客户端也行,不过不能在url上带参数,除非用easyswoole
$contextOptions = [
'ssl' => [
'verify_peer' => true, // You could skip all of the trouble by changing this to false, but it's WAY uncool for security reasons.
'cafile' => '/etc/pki/tls/certs/ca-bundle.crt',
'CN_match' => $host, // Change this to your certificates Common Name (or just comment this line out if not needed)
'ciphers' => 'HIGH:!SSLv2:!SSLv3',
'disable_compression' => true,
]
];
$option['context'] = stream_context_create($contextOptions);
*证书指向PHP的php.ini中的openssl.cafile的证书路径,
CA证书下载地址:http://curl.haxx.se/docs/caextract.html
然后修改php.ini文件
openssl.cafile= D:/wamp/php/verify/cacert.pem
4.修改composer.json中secure-http为true
否则报
stream_socket_client(): SSL operation failed with code 1. OpenSSL Error messages:
error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
以上