通过frps 内外网穿透解决微信开发,特别是小程序开发要求业务接口都是https协议的需求。

准备工作

1.有一台阿里云的Linux CentOS6 服务器,安装支持ssl模块的Nginx

2.有自己的域名,把域名解析到指向该服务器IP,本例中将wx.wangjiang.net 解析到服务器IP

3.为二级域名wx.wangjiang.net 申请免费的CA证书,因为小程序的业务接口不支持http协议。

 

服务端安装frps

 wget --no-check-certificate https://raw.githubusercontent.com/clangcn/onekey-install-shell/master/frps/install-frps.sh -O ./install-frps.sh
 chmod 700 ./install-frps.sh
 ./install-frps.sh install

安装路径:/usr/local/frps

frps命令:frps {start|stop|restart|status|config|version}

 例如:
启动: frps start
停止: frps stop
重启: frps restart

[common]
bind_addr = 0.0.0.0
bind_port = 5443
dashboard_port = 6443
dashboard_user = admin
dashboard_pwd = 123456

vhost_http_port = 9090
vhost_https_port = 4443
log_file = ./frps.log
# debug, info, warn, error
log_level = info
log_max_days = 3
# privilege mode is the only supported mode since v0.10.0
privilege_token = abgbced0556
# only allow frpc to bind ports you list, if you set nothing, there won\'t be any limit
#privilege_allow_ports = 1-65535
# pool_count in each proxy will change to max_pool_count if they exceed the maximum value
max_pool_count = 50
# if tcp stream multiplexing is used, default is true
tcp_mux = true

[http]
type = http
auth_token = 12345678
custom_domains = wx.wangjiang.net

[https]
type = https
auth_token = 12345678
custom_domains = wx.wangjiang.net

 

Nginx配置以支持https协议

编辑nginx.conf

  server {
        listen       443 ssl;
        server_name  wx.wangjiang.net;
        ssl on;
        root html;
        index index.html index.htm;
        ssl_certificate   cert/214617017500276.pem;
        ssl_certificate_key  cert/214617017500276.key;
        ssl_session_timeout 5m;
        ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
        ssl_prefer_server_ciphers on;

        location / {
            root   html;
            index  index.html index.htm;
        }

        location ^~ /chapter {
                proxy_pass http://wx.wangjiang.net:9090/chapter;
                add_header Access-Control-Allow-Origin \'*\';
      }
    }

 

自己开发机器frps客户端安装

在windows机器上 点击下载 https://github.com/fatedier/frp/releases/download/v0.17.0/frp_0.17.0_windows_amd64.zip

下载完成后解压,编辑frpc.ini

[common]
server_addr = 101.37.29.240
server_port = 5443
token = abgbced0556
auth_token = 12345678
customer_domains = wx.wangjiang.net

[http]
type = http
local_ip = 127.0.0.1
local_port = 8080
custom_domains = wx.wangjiang.net

双击frpc.exe,即可

 

测试操作流程

1.在本地启动Web程序端口为8080 比如:http://127.0.0.1:8080/chapter2/customer

2.测试是否可通过http://wx.wangjiang.net:9090/chapter2/customer 进行访问,如果可以证明内外面是互通的。

3.测试是否可通过https://wx.wangjiang.net/chapter2/customer进行访问,这里走nginx做代理转发请求到http://wx.wangjiang.net:9090/chapter2/customer,即可满足

小程序接口调试要求。

 

参考

https://blog.csdn.net/qqr99000/article/details/79329415

https://blog.csdn.net/u011054333/article/details/71507074

 

版权声明:本文为zendwang原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://www.cnblogs.com/zendwang/p/wechat-miniprogram-internal-and-external-network-penetration-tool-frps.html