#1606

New issue

Closed

opened 2026-05-05 13:01:36 -06:00 by gitea-mirror · 2 comments

gitea-mirror commented

2026-05-05 13:01:36 -06:00

Owner

Originally created by @kingwilliam on GitHub (Oct 11, 2020).
Original GitHub issue: https://github.com/fatedier/frp/issues/2024

Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly.

Use the commands below to provide key information from your environment:
You do NOT have to include this information if this is a FEATURE REQUEST

What version of frp are you using (./frpc -v or ./frps -v)?
0.34.0

What operating system and processor architecture are you using (go env)?
ubuntu 20.04

題問:
client 和 server 都已设定 tls
想在 frps前加上haproxy作保护, 减少不必要的骚扰

但发现 frpc 一开始是用http发起连接 (plain text)
之後用ws(也是 plain text)
请问可否设定一开始就用 https:// 和 wss://

server log

2020/07/13 11:20:28 [D] [proxy.go:162]   [c8b36609fedaae24] [03] get a user connection [127.0.0.1:58562]
2020/07/13 11:20:28 [D] [control.go:248] [c8b36609fedaae24] get work connection from pool
2020/07/13 11:20:28 [I] [proxy.go:103]   [c8b36609fedaae24] [03] get a new work connection: [http://fqdn:12345]
2020/07/13 11:20:28 [T] [proxy.go:262]   [c8b36609fedaae24] [03] handler user tcp connection, use_encryption: false, use_compression: true
2020/07/13 11:20:28 [D] [proxy.go:273]   [c8b36609fedaae24] [03] join connections, workConn(l[ws://fqdn:12345/~!frp] r[http://fqdn:12345]) userConn(l[127.0.0.1:16383] r[127.0.0.1:58562])
2020/07/13 11:20:28 [D] [control.go:219] [c8b36609fedaae24] new work connection registered

server setting

[common]
bind_port = 12345
tls_only = true
token = token
max_pool_count = 50

tls_cert_file = site_crt.pem
tls_key_file = site_key.pem
tls_trusted_ca_file = ca_crt.pem

authentication_method = token
authenticate_heartbeats = true
authenticate_new_work_conns = true


# console or real logFile path like ./frps.log
log_file = /var/log/frp/frps.log

# trace, debug, info, warn, error
log_level = trace

log_max_days = 3

client setting

[common]
server_addr = fqdn
server_port = 12345
protocol = websocket
token = token
tls_enable = true
pool_count = 3

tls_cert_file = client_crt.pem
tls_key_file = client_key.pem
tls_trusted_ca_file = ca_crt.pem

authentication_method = token
authenticate_heartbeats = true
authenticate_new_work_conns = true

# console or real logFile path like ./frps.log
log_file = /var/log/frp/frpc.log

# trace, debug, info, warn, error
log_level = info

log_max_days = 3



[03]
type = tcp
plugin = unix_domain_socket
plugin_unix_path = /tmp/frp_haproxy.sock
remote_port = 16383
group = grp01
group_key = key01
use_compression = true

Originally created by @kingwilliam on GitHub (Oct 11, 2020). Original GitHub issue: https://github.com/fatedier/frp/issues/2024 Issue is only used for submiting bug report and documents typo. If there are same issues or answers can be found in documents, we will close it directly. Use the commands below to provide key information from your environment: You do NOT have to include this information if this is a FEATURE REQUEST **What version of frp are you using (./frpc -v or ./frps -v)?** 0.34.0 **What operating system and processor architecture are you using (`go env`)?** ubuntu 20.04 題問: client 和 server 都已设定 tls 想在 frps前加上haproxy作保护, 减少不必要的骚扰 - 但发现 frpc 一开始是用http发起连接 (plain text) - 之後用ws(也是 plain text) 请问可否设定一开始就用 https:// 和 wss:// server log ``` 2020/07/13 11:20:28 [D] [proxy.go:162] [c8b36609fedaae24] [03] get a user connection [127.0.0.1:58562] 2020/07/13 11:20:28 [D] [control.go:248] [c8b36609fedaae24] get work connection from pool 2020/07/13 11:20:28 [I] [proxy.go:103] [c8b36609fedaae24] [03] get a new work connection: [http://fqdn:12345] 2020/07/13 11:20:28 [T] [proxy.go:262] [c8b36609fedaae24] [03] handler user tcp connection, use_encryption: false, use_compression: true 2020/07/13 11:20:28 [D] [proxy.go:273] [c8b36609fedaae24] [03] join connections, workConn(l[ws://fqdn:12345/~!frp] r[http://fqdn:12345]) userConn(l[127.0.0.1:16383] r[127.0.0.1:58562]) 2020/07/13 11:20:28 [D] [control.go:219] [c8b36609fedaae24] new work connection registered ``` server setting ``` [common] bind_port = 12345 tls_only = true token = token max_pool_count = 50 tls_cert_file = site_crt.pem tls_key_file = site_key.pem tls_trusted_ca_file = ca_crt.pem authentication_method = token authenticate_heartbeats = true authenticate_new_work_conns = true # console or real logFile path like ./frps.log log_file = /var/log/frp/frps.log # trace, debug, info, warn, error log_level = trace log_max_days = 3 ``` client setting ``` [common] server_addr = fqdn server_port = 12345 protocol = websocket token = token tls_enable = true pool_count = 3 tls_cert_file = client_crt.pem tls_key_file = client_key.pem tls_trusted_ca_file = ca_crt.pem authentication_method = token authenticate_heartbeats = true authenticate_new_work_conns = true # console or real logFile path like ./frps.log log_file = /var/log/frp/frpc.log # trace, debug, info, warn, error log_level = info log_max_days = 3 [03] type = tcp plugin = unix_domain_socket plugin_unix_path = /tmp/frp_haproxy.sock remote_port = 16383 group = grp01 group_key = key01 use_compression = true ```