{"id":24004,"date":"2024-11-21T09:33:40","date_gmt":"2024-11-21T01:33:40","guid":{"rendered":"https:\/\/fwq.ai\/blog\/24004\/"},"modified":"2024-11-21T09:33:40","modified_gmt":"2024-11-21T01:33:40","slug":"swoole%e5%a6%82%e4%bd%95%e5%ae%9e%e7%8e%b0%e9%ab%98%e6%80%a7%e8%83%bd%e7%9a%84ssl%e4%bb%a3%e7%90%86%e6%9c%8d%e5%8a%a1","status":"publish","type":"post","link":"https:\/\/fwq.ai\/blog\/24004\/","title":{"rendered":"Swoole\u5982\u4f55\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684SSL\u4ee3\u7406\u670d\u52a1"},"content":{"rendered":"

\u968f\u7740\u7f51\u7edc\u5b89\u5168\u7684\u91cd\u8981\u6027\u65e5\u76ca\u51f8\u663e\uff0c\u8d8a\u6765\u8d8a\u591a\u7684\u7f51\u7ad9\u9700\u8981\u4f7f\u7528ssl\/tls\u52a0\u5bc6\u6765\u4fdd\u62a4\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u3002\u7136\u800c\uff0c\u4f7f\u7528ssl\/tls\u52a0\u5bc6\u7684\u7f51\u7ad9\u5728\u4f20\u8f93\u6570\u636e\u65f6\u4f1a\u589e\u52a0\u5f88\u5927\u7684\u5f00\u9500\uff0c\u5f71\u54cd\u7f51\u7ad9\u7684\u6027\u80fd\u548c\u54cd\u5e94\u901f\u5ea6\u3002\u4e3a\u4e86\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff0c\u6211\u4eec\u53ef\u4ee5\u7528\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684ssl\u4ee3\u7406\u670d\u52a1\u3002<\/p>\n

Swoole\u662f\u4e00\u6b3e\u57fa\u4e8ePHP\u8bed\u8a00\u5f00\u53d1\u7684\u9ad8\u6027\u80fd\u5f02\u6b65\u7f51\u7edc\u6846\u67b6\uff0c\u53ef\u4ee5\u8f7b\u677e\u5b9e\u73b0\u9ad8\u5e76\u53d1\u3001\u9ad8\u6027\u80fd\uff0c\u540c\u65f6\u652f\u6301TCP\u3001UDP\u3001HTTP\u3001WebSocket\u7b49\u534f\u8bae\u3002\u5728Swoole\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528\u5f02\u6b65IO\u548c\u534f\u7a0b\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684\u7f51\u7edc\u7f16\u7a0b\u3002<\/p>\n

\u4e0b\u9762\u6211\u4eec\u6765\u4ecb\u7ecd\u5982\u4f55\u4f7f\u7528Swoole\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684SSL\u4ee3\u7406\u670d\u52a1\u3002<\/p>\n

    \n
  1. \u521b\u5efaSSL\u4ee3\u7406\u670d\u52a1<\/li>\n<\/ol>\n

    \u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2aSSL\u4ee3\u7406\u670d\u52a1\u3002\u5728Swoole\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528SwooleHttpServer\u7c7b\u6765\u5b9e\u73b0\u4e00\u4e2aHTTP\/HTTPS\u670d\u52a1\u5668\u3002<\/p>\n

    $http = new SwooleHttpServer(\"0.0.0.0\", 9501, SWOOLE_PROCESS, SWOOLE_SOCK_TCP | SWOOLE_SSL);<\/pre>\n
     \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
    \u5728\u521b\u5efa\u670d\u52a1\u5668\u65f6\uff0c\u6211\u4eec\u9700\u8981\u6307\u5b9aIP\u5730\u5740\u3001\u7aef\u53e3\u53f7\u3001\u8fdb\u7a0b\u6a21\u5f0f\u548cSocket\u7c7b\u578b\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528\u4e86SWOOLE_SOCK_TCP | SWOOLE_SSL\u6765\u5f00\u542fSSL\u670d\u52a1\u3002<\/p>\n
      \n
    1. \u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5<\/li>\n<\/ol>\n
      \u5728\u521b\u5efaSSL\u4ee3\u7406\u670d\u52a1\u65f6\uff0c\u6211\u4eec\u8fd8\u9700\u8981\u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5\u3002\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528SwooleHttpServer\u7c7b\u7684set\u65b9\u6cd5\u6765\u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5\u3002<\/p>\n
      $http-&gt;set([\n    'ssl_cert_file' =&gt; '\/path\/to\/server.crt',\n    'ssl_key_file' =&gt; '\/path\/to\/server.key',\n]);<\/pre>\n
       \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
      \u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u9700\u8981\u5c06\u8bc1\u4e66\u548c\u5bc6\u94a5\u6587\u4ef6\u7684\u8def\u5f84\u66ff\u6362\u6210\u5b9e\u9645\u7684\u8def\u5f84\u3002<\/p>\n
        \n
      1. \u5904\u7406SSL\u63e1\u624b\u548c\u8f6c\u53d1\u8bf7\u6c42<\/li>\n<\/ol>\n
        \u5f53\u5ba2\u6237\u7aef\u53d1\u8d77SSL\u8fde\u63a5\u8bf7\u6c42\u65f6\uff0cSwoole\u4f1a\u81ea\u52a8\u5b8c\u6210SSL\u63e1\u624b\u8fc7\u7a0b\u3002\u5728\u63e1\u624b\u6210\u529f\u540e\uff0c\u6211\u4eec\u9700\u8981\u5c06\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u8bf7\u6c42\u8f6c\u53d1\u5230\u5b9e\u9645\u7684\u670d\u52a1\u5668\u3002<\/p>\n
        $http-&gt;on('request', function (SwooleHttpRequest $request, SwooleHttpResponse $response) {\n    $client = new SwooleCoroutineClient(SWOOLE_SOCK_TCP | SWOOLE_SSL);\n    $client-&gt;set([\n        'ssl_host_name' =&gt; $request-&gt;header['host'] ?? '', \/\/ \u83b7\u53d6\u76ee\u6807\u670d\u52a1\u5668\u7684\u4e3b\u673a\u540d\n        'ssl_cafile' =&gt; '\/path\/to\/ca.pem', \/\/ \u6839\u8bc1\u4e66\n    ]);\n    $client-&gt;connect('127.0.0.1', 80, 0.5); \/\/ \u8fde\u63a5\u5b9e\u9645\u7684\u670d\u52a1\u5668\n    $client-&gt;send($request-&gt;rawContent()); \/\/ \u53d1\u9001\u8bf7\u6c42\u6570\u636e\n    $response-&gt;end($client-&gt;recv()); \/\/ \u63a5\u6536\u54cd\u5e94\u6570\u636e\u5e76\u8fd4\u56de\u5ba2\u6237\u7aef\n});<\/pre>\n
         \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
        \u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528SwooleCoroutineClient\u7c7b\u6765\u4e0e\u5b9e\u9645\u7684\u670d\u52a1\u5668\u8fdb\u884c\u901a\u4fe1\u3002\u6211\u4eec\u9700\u8981\u8bbe\u7f6essl_host_name\u6765\u6307\u5b9a\u76ee\u6807\u670d\u52a1\u5668\u7684\u4e3b\u673a\u540d\uff0c\u540c\u65f6\u4e5f\u9700\u8981\u63d0\u4f9bSSL\u8bc1\u4e66\u94fe\u7684\u6839\u8bc1\u4e66\u3002<\/p>\n
          \n
        1. \u5b8c\u6574\u4ee3\u7801<\/li>\n<\/ol>\n
          \u4e0b\u9762\u662f\u4e00\u4e2a\u5b8c\u6574\u7684SSL\u4ee3\u7406\u670d\u52a1\u5668\u7684\u4ee3\u7801\uff1a<\/p>\n
          $http = new SwooleHttpServer(\"0.0.0.0\", 9501, SWOOLE_PROCESS, SWOOLE_SOCK_TCP | SWOOLE_SSL);\n$http->set([\n    'ssl_cert_file' => '\/path\/to\/server.crt',\n    'ssl_key_file' => '\/path\/to\/server.key',\n    'ssl_verify_depth' => 10, \/\/ SSL\u8bc1\u4e66\u94fe\u9a8c\u8bc1\u6df1\u5ea6\n]);\n$http->on('request', function (SwooleHttpRequest $request, SwooleHttpResponse $response) {\n    $client = new SwooleCoroutineClient(SWOOLE_SOCK_TCP | SWOOLE_SSL);\n    $client->set([\n        'ssl_host_name' => $request->header['host'] ?? '',\n        'ssl_cafile' => '\/path\/to\/ca.pem',\n    ]);\n    $client->connect('127.0.0.1', 80, 0.5);\n    $client->send($request->rawContent());\n    $response->end($client->recv());\n});\n$http->start();<\/pre>\n
           \u767b\u5f55\u540e\u590d\u5236 <\/p>\n
          \u5728\u4f7f\u7528\u65f6\uff0c\u6211\u4eec\u53ea\u9700\u8981\u5c06\u5b9e\u9645\u7684\u670d\u52a1\u5668\u7684\u5730\u5740\u66ff\u6362\u6210127.0.0.1\u5373\u53ef\u3002\u5728\u5b9e\u9645\u751f\u4ea7\u73af\u5883\u4e2d\uff0c\u6211\u4eec\u53ef\u80fd\u8fd8\u9700\u8981\u6dfb\u52a0\u4e00\u4e9b\u5176\u4ed6\u7684\u5b89\u5168\u63aa\u65bd\u548c\u4f18\u5316\u7b56\u7565\uff0c\u4ee5\u786e\u4fdd\u670d\u52a1\u5668\u7684\u5b89\u5168\u548c\u7a33\u5b9a\u6027\u3002<\/p>\n
          \u603b\u7ed3<\/p>\n
          \u901a\u8fc7\u4f7f\u7528Swoole\u6846\u67b6\uff0c\u6211\u4eec\u53ef\u4ee5\u8f7b\u677e\u5730\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684SSL\u4ee3\u7406\u670d\u52a1\uff0c\u4ee5\u5904\u7406\u5927\u91cf\u7684\u52a0\u5bc6\u8bf7\u6c42\uff0c\u540c\u65f6\u786e\u4fdd\u7f51\u7ad9\u7684\u54cd\u5e94\u901f\u5ea6\u548c\u5b89\u5168\u6027\u3002\u5728\u4f7f\u7528Swoole\u65f6\uff0c\u6211\u4eec\u9700\u8981\u6ce8\u610fSSL\u8bc1\u4e66\u7684\u5b89\u5168\u914d\u7f6e\u548c\u6839\u8bc1\u4e66\u7684\u9a8c\u8bc1\uff0c\u4ee5\u907f\u514d\u5b89\u5168\u6f0f\u6d1e\u548c\u98ce\u9669\u3002<\/p>\n
          \u4ee5\u4e0a\u5c31\u662fSwoole\u5982\u4f55\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684SSL\u4ee3\u7406\u670d\u52a1\u7684\u8be6\u7ec6\u5185\u5bb9\uff0c\u66f4\u591a\u8bf7\u5173\u6ce8\u7c73\u4e91\u5176\u5b83\u76f8\u5173\u6587\u7ae0\uff01<\/p>\n","protected":false},"excerpt":{"rendered":"
          \u968f\u7740\u7f51\u7edc\u5b89\u5168\u7684\u91cd\u8981\u6027\u65e5\u76ca\u51f8\u663e\uff0c\u8d8a\u6765\u8d8a\u591a\u7684\u7f51\u7ad9\u9700\u8981\u4f7f\u7528ssl\/tls\u52a0\u5bc6\u6765\u4fdd\u62a4\u7528\u6237\u6570\u636e\u7684\u5b89\u5168\u3002\u7136\u800c\uff0c\u4f7f\u7528ssl\/tls\u52a0\u5bc6\u7684\u7f51\u7ad9\u5728\u4f20\u8f93\u6570\u636e\u65f6\u4f1a\u589e\u52a0\u5f88\u5927\u7684\u5f00\u9500\uff0c\u5f71\u54cd\u7f51\u7ad9\u7684\u6027\u80fd\u548c\u54cd\u5e94\u901f\u5ea6\u3002\u4e3a\u4e86\u89e3\u51b3\u8fd9\u4e2a\u95ee\u9898\uff0c\u6211\u4eec\u53ef\u4ee5\u7528\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684ssl\u4ee3\u7406\u670d\u52a1\u3002 Swoole\u662f\u4e00\u6b3e\u57fa\u4e8ePHP\u8bed\u8a00\u5f00\u53d1\u7684\u9ad8\u6027\u80fd\u5f02\u6b65\u7f51\u7edc\u6846\u67b6\uff0c\u53ef\u4ee5\u8f7b\u677e\u5b9e\u73b0\u9ad8\u5e76\u53d1\u3001\u9ad8\u6027\u80fd\uff0c\u540c\u65f6\u652f\u6301TCP\u3001UDP\u3001HTTP\u3001WebSocket\u7b49\u534f\u8bae\u3002\u5728Swoole\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528\u5f02\u6b65IO\u548c\u534f\u7a0b\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684\u7f51\u7edc\u7f16\u7a0b\u3002 \u4e0b\u9762\u6211\u4eec\u6765\u4ecb\u7ecd\u5982\u4f55\u4f7f\u7528Swoole\u6765\u5b9e\u73b0\u9ad8\u6027\u80fd\u7684SSL\u4ee3\u7406\u670d\u52a1\u3002 \u521b\u5efaSSL\u4ee3\u7406\u670d\u52a1 \u6211\u4eec\u9996\u5148\u9700\u8981\u521b\u5efa\u4e00\u4e2aSSL\u4ee3\u7406\u670d\u52a1\u3002\u5728Swoole\u4e2d\uff0c\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528SwooleHttpServer\u7c7b\u6765\u5b9e\u73b0\u4e00\u4e2aHTTP\/HTTPS\u670d\u52a1\u5668\u3002 $http = new SwooleHttpServer(“0.0.0.0″, 9501, SWOOLE_PROCESS, SWOOLE_SOCK_TCP | SWOOLE_SSL); \u767b\u5f55\u540e\u590d\u5236 \u5728\u521b\u5efa\u670d\u52a1\u5668\u65f6\uff0c\u6211\u4eec\u9700\u8981\u6307\u5b9aIP\u5730\u5740\u3001\u7aef\u53e3\u53f7\u3001\u8fdb\u7a0b\u6a21\u5f0f\u548cSocket\u7c7b\u578b\u3002\u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u4f7f\u7528\u4e86SWOOLE_SOCK_TCP | SWOOLE_SSL\u6765\u5f00\u542fSSL\u670d\u52a1\u3002 \u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5 \u5728\u521b\u5efaSSL\u4ee3\u7406\u670d\u52a1\u65f6\uff0c\u6211\u4eec\u8fd8\u9700\u8981\u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5\u3002\u6211\u4eec\u53ef\u4ee5\u4f7f\u7528SwooleHttpServer\u7c7b\u7684set\u65b9\u6cd5\u6765\u8bbe\u7f6eSSL\u8bc1\u4e66\u548c\u5bc6\u94a5\u3002 $http-&gt;set([ ‘ssl_cert_file’ =&gt; ‘\/path\/to\/server.crt’, ‘ssl_key_file’ =&gt; ‘\/path\/to\/server.key’, ]); \u767b\u5f55\u540e\u590d\u5236 \u5728\u8fd9\u91cc\uff0c\u6211\u4eec\u9700\u8981\u5c06\u8bc1\u4e66\u548c\u5bc6\u94a5\u6587\u4ef6\u7684\u8def\u5f84\u66ff\u6362\u6210\u5b9e\u9645\u7684\u8def\u5f84\u3002 \u5904\u7406SSL\u63e1\u624b\u548c\u8f6c\u53d1\u8bf7\u6c42 \u5f53\u5ba2\u6237\u7aef\u53d1\u8d77SSL\u8fde\u63a5\u8bf7\u6c42\u65f6\uff0cSwoole\u4f1a\u81ea\u52a8\u5b8c\u6210SSL\u63e1\u624b\u8fc7\u7a0b\u3002\u5728\u63e1\u624b\u6210\u529f\u540e\uff0c\u6211\u4eec\u9700\u8981\u5c06\u5ba2\u6237\u7aef\u53d1\u9001\u7684\u8bf7\u6c42\u8f6c\u53d1\u5230\u5b9e\u9645\u7684\u670d\u52a1\u5668\u3002 $http-&gt;on(‘request’, function (SwooleHttpRequest $request, SwooleHttpResponse $response) { $client = new SwooleCoroutineClient(SWOOLE_SOCK_TCP | SWOOLE_SSL); $client-&gt;set([ ‘ssl_host_name’ =&gt; $request-&gt;header[‘host’] ?? ”, \/\/ \u83b7\u53d6\u76ee\u6807\u670d\u52a1\u5668\u7684\u4e3b\u673a\u540d ‘ssl_cafile’ =&gt; […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[],"class_list":["post-24004","post","type-post","status-publish","format-standard","hentry","category-16"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/24004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=24004"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/24004\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=24004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=24004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=24004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}