v2ray / v2ray-core

A platform for building proxies to bypass network restrictions.
https://www.v2ray.com/
MIT License

502 Bad Gateway > websocket: bad handshake #2451

Closed liusx73 closed 4 years ago

liusx73 commented 4 years ago

提交 Issue 之前请先阅读 Issue 指引,然后回答下面的问题,谢谢。 除非特殊情况,请完整填写所有问题。不按模板发的 issue 将直接被关闭。 如果你遇到的问题不是 V2Ray 的 bug,比如你不清楚要如何配置,请使用Discussion进行讨论。

1) 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明)

v4.23.1

2) 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。

Chrome 通过 Socks/VMess 代理访问 google

3) 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等)

502 Bad Gateway > websocket: bad handshake

4) 你期待看到的正确表现是怎样的?

5) 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。

服务器端配置:

{
  "inbounds": [{
    "port": 10000,
    "listen": "127.0.0.1",
    "protocol": "vmess",
    "settings": {
      "clients": [
        {
          "id": "xxx",
          "alterId": 64
        },
        {
          "id": "xxx",
          "alterId": 32
        },
        {
          "id": "xxx",
          "alterId": 62
        },
        {
          "id": "xxx",
          "alterId": 63
        }
      ]
    },
    "streamSettings": {
        "network": "ws",
        "wsSettings": {
        "path": "/fun"
        }
    }
  }],
  "outbounds": [{
    "protocol": "freedom",
    "settings": {}
  }],
  "log": {
    "access": "/var/log/v2ray-access.log",
    "error": "/var/log/v2ray-error.log",
    "loglevel": "debug"
  }
}

客户端配置:

{
  "policy": null,
  "log": {
    "access": "",
    "error": "",
    "loglevel": "warning"
  },
  "inbounds": [
    {
      "tag": "proxy",
      "port": 10808,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": [
          "http",
          "tls"
        ]
      },
      "settings": {
        "auth": "noauth",
        "udp": false,
        "ip": null,
        "address": null,
        "clients": null
      },
      "streamSettings": null
    }
  ],
  "outbounds": [
    {
      "tag": "proxy",
      "protocol": "vmess",
      "settings": {
        "vnext": [
          {
            "address": "xxx",
            "port": 443,
            "users": [
              {
                "id": "xxx",
                "alterId": 32,
                "email": "t@t.tt", #这个是v2rayN 自动生成的
                "security": "none"
              }
            ]
          }
        ],
        "servers": null,
        "response": null
      },
      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "tlsSettings": {
          "allowInsecure": false,
          "serverName": null
        },
        "tcpSettings": null,
        "kcpSettings": null,
        "wsSettings": {
          "connectionReuse": true,
          "path": "/fun",
          "headers": null
        },
        "httpSettings": null,
        "quicSettings": null
      },
      "mux": {
        "enabled": false,
        "concurrency": -1
      }
    },
    {
      "tag": "direct",
      "protocol": "freedom",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": null
      },
      "streamSettings": null,
      "mux": null
    },
    {
      "tag": "block",
      "protocol": "blackhole",
      "settings": {
        "vnext": null,
        "servers": null,
        "response": {
          "type": "http"
        }
      },
      "streamSettings": null,
      "mux": null
    }
  ],
  "stats": null,
  "api": null,
  "dns": null,
  "routing": {
    "domainStrategy": "IPIfNonMatch",
    "rules": [
      {
        "type": "field",
        "port": null,
        "inboundTag": [
          "api"
        ],
        "outboundTag": "api",
        "ip": null,
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "proxy",
        "ip": null,
        "domain": [
          "geosite:google",
          "geosite:github",
          "geosite:netflix",
          "geosite:steam",
          "geosite:telegram",
          "geosite:tumblr",
          "geosite:speedtest",
          "geosite:bbc",
          "domain:gvt1.com",
          "domain:textnow.com",
          "domain:twitch.tv",
          "domain:wikileaks.org",
          "domain:naver.com",
          "domain:github.com"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "proxy",
        "ip": [
          "91.108.4.0/22",
          "91.108.8.0/22",
          "91.108.12.0/22",
          "91.108.20.0/22",
          "91.108.36.0/23",
          "91.108.38.0/23",
          "91.108.56.0/22",
          "149.154.160.0/20",
          "149.154.164.0/22",
          "149.154.172.0/22",
          "74.125.0.0/16",
          "173.194.0.0/16",
          "172.217.0.0/16",
          "216.58.200.0/24",
          "216.58.220.0/24",
          "91.108.56.116",
          "91.108.56.0/24",
          "109.239.140.0/24",
          "149.154.167.0/24",
          "149.154.175.0/24"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": null,
        "domain": [
          "domain:12306.com",
          "domain:51ym.me",
          "domain:52pojie.cn",
          "domain:8686c.com",
          "domain:abercrombie.com",
          "domain:adobesc.com",
          "domain:air-matters.com",
          "domain:air-matters.io",
          "domain:airtable.com",
          "domain:akadns.net",
          "domain:apache.org",
          "domain:api.crisp.chat",
          "domain:api.termius.com",
          "domain:appshike.com",
          "domain:appstore.com",
          "domain:aweme.snssdk.com",
          "domain:bababian.com",
          "domain:battle.net",
          "domain:beatsbydre.com",
          "domain:bet365.com",
          "domain:bilibili.cn",
          "domain:ccgslb.com",
          "domain:ccgslb.net",
          "domain:chunbo.com",
          "domain:chunboimg.com",
          "domain:clashroyaleapp.com",
          "domain:cloudsigma.com",
          "domain:cloudxns.net",
          "domain:cmfu.com",
          "domain:culturedcode.com",
          "domain:dct-cloud.com",
          "domain:didialift.com",
          "domain:douyutv.com",
          "domain:duokan.com",
          "domain:dytt8.net",
          "domain:easou.com",
          "domain:ecitic.net",
          "domain:eclipse.org",
          "domain:eudic.net",
          "domain:ewqcxz.com",
          "domain:fir.im",
          "domain:frdic.com",
          "domain:fresh-ideas.cc",
          "domain:godic.net",
          "domain:goodread.com",
          "domain:haibian.com",
          "domain:hdslb.net",
          "domain:hollisterco.com",
          "domain:hongxiu.com",
          "domain:hxcdn.net",
          "domain:images.unsplash.com",
          "domain:img4me.com",
          "domain:ipify.org",
          "domain:ixdzs.com",
          "domain:jd.hk",
          "domain:jianshuapi.com",
          "domain:jomodns.com",
          "domain:jsboxbbs.com",
          "domain:knewone.com",
          "domain:kuaidi100.com",
          "domain:lemicp.com",
          "domain:letvcloud.com",
          "domain:lizhi.io",
          "domain:localizecdn.com",
          "domain:lucifr.com",
          "domain:luoo.net",
          "domain:mai.tn",
          "domain:maven.org",
          "domain:miwifi.com",
          "domain:moji.com",
          "domain:moke.com",
          "domain:mtalk.google.com",
          "domain:mxhichina.com",
          "domain:myqcloud.com",
          "domain:myunlu.com",
          "domain:netease.com",
          "domain:nfoservers.com",
          "domain:nssurge.com",
          "domain:nuomi.com",
          "domain:ourdvs.com",
          "domain:overcast.fm",
          "domain:paypal.com",
          "domain:paypalobjects.com",
          "domain:pgyer.com",
          "domain:qdaily.com",
          "domain:qdmm.com",
          "domain:qin.io",
          "domain:qingmang.me",
          "domain:qingmang.mobi",
          "domain:qqurl.com",
          "domain:rarbg.to",
          "domain:rrmj.tv",
          "domain:ruguoapp.com",
          "domain:sm.ms",
          "domain:snwx.com",
          "domain:soku.com",
          "domain:startssl.com",
          "domain:store.steampowered.com",
          "domain:symcd.com",
          "domain:teamviewer.com",
          "domain:tmzvps.com",
          "domain:trello.com",
          "domain:trellocdn.com",
          "domain:ttmeiju.com",
          "domain:udache.com",
          "domain:uxengine.net",
          "domain:weather.bjango.com",
          "domain:weather.com",
          "domain:webqxs.com",
          "domain:weico.cc",
          "domain:wenku8.net",
          "domain:werewolf.53site.com",
          "domain:windowsupdate.com",
          "domain:wkcdn.com",
          "domain:workflowy.com",
          "domain:xdrig.com",
          "domain:xiaojukeji.com",
          "domain:xiaomi.net",
          "domain:xiaomicp.com",
          "domain:ximalaya.com",
          "domain:xitek.com",
          "domain:xmcdn.com",
          "domain:xslb.net",
          "domain:xteko.com",
          "domain:yach.me",
          "domain:yixia.com",
          "domain:yunjiasu-cdn.net",
          "domain:zealer.com",
          "domain:zgslb.net",
          "domain:zimuzu.tv",
          "domain:zmz002.com",
          "domain:samsungdm.com",
          "domain:vultr.com",
          "domain:wynwzyn.imdo.co",
          "domain:baidu.com"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "block",
        "ip": null,
        "domain": [
          "geosite:category-ads"
        ]
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": [
          "geoip:private"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": [
          "geoip:cn"
        ],
        "domain": null
      },
      {
        "type": "field",
        "port": null,
        "inboundTag": null,
        "outboundTag": "direct",
        "ip": null,
        "domain": [
          "geosite:cn"
        ]
      }
    ]
  }
}

6) 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在 /var/log/v2ray/error.log 文件中。

服务器端错误日志:

2020/04/24 18:00:33 [Warning] v2ray.com/core: V2Ray 4.23.1 started
2020/04/24 18:02:04 [Debug] v2ray.com/core/app/log: Logger started
2020/04/24 18:02:04 [Debug] v2ray.com/core/app/proxyman/inbound: creating stream worker on 127.0.0.1:10000
2020/04/24 18:02:04 [Warning] v2ray.com/core: V2Ray 4.23.1 started

客户端错误日志:

2020/04/24 17:57:41 [Warning] [3844899826] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxx/fun): 502 Bad Gateway > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed

7) 请附上访问日志。在 Linux 中,日志通常在 /var/log/v2ray/access.log 文件中。

里面什么也没有

8) 其它相关的配置文件(如 Nginx)和相关日志。

nginx.conf

# For more information on configuration, see:
#   * Official English Documentation: http://nginx.org/en/docs/
#   * Official Russian Documentation: http://nginx.org/ru/docs/

# Main-context settings: worker identity, process count, error log and pid file.
# Worker processes run as the `nginx` account.
user nginx;
worker_processes auto;
# No level is given here, so nginx's default error_log level applies.
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
# NOTE(review): every *.conf in this directory is loaded, so the directory's
# write permissions are part of the server's trust boundary — confirm.
include /usr/share/nginx/modules/*.conf;

# Connection-processing limits: at most 1024 simultaneous connections per worker.
events {
    worker_connections 1024;
}

# HTTP context shared by every virtual host pulled in from conf.d below.
http {
    # Access-log line: client address, authenticated user, local time, request
    # line, status, body bytes sent, Referer, User-Agent and X-Forwarded-For.
    # Referer, User-Agent and X-Forwarded-For are client-supplied values and
    # are logged as received.
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile            on;
    tcp_nopush          on;
    tcp_nodelay         on;
    keepalive_timeout   65;
    types_hash_max_size 2048;

    include             /etc/nginx/mime.types;
    # Fallback MIME type for files whose extension is not listed in mime.types.
    default_type        application/octet-stream;

    # Load modular configuration files from the /etc/nginx/conf.d directory.
    # See http://nginx.org/en/docs/ngx_core_module.html#include
    # for more information.
    # Every *.conf file in that directory becomes part of this http context;
    # the v2ray.conf shown on this page is presumably loaded this way.
    include /etc/nginx/conf.d/*.conf;

}

v2ray.conf

# TLS virtual host on port 443: reverse-proxies /fun to the local V2Ray
# WebSocket inbound and serves static files for every other path.
server {
  listen 443 ssl;
  listen [::]:443 ssl;

  # Earlier certificate paths, disabled; the active ssl_certificate lines are
  # the Certbot-managed ones at the end of this block.
  #ssl_certificate       /etc/v2ray/v2ray.crt;
  #ssl_certificate_key   /etc/v2ray/v2ray.key;
  ssl_session_timeout 1d;
  ssl_session_cache shared:MozSSL:10m;
  ssl_session_tickets off;

  # NOTE(review): ssl_protocols, ssl_ciphers and the Certbot options include
  # are all commented out here, so unless another included file sets them the
  # protocol and cipher selection falls back to this nginx build's defaults —
  # confirm that is intended.
  #ssl_protocols         TLSv1.2 TLSv1.3;
  #ssl_ciphers           ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
  #ssl_prefer_server_ciphers off;

  #include /etc/letsencrypt/options-ssl-nginx.conf;

  server_name           xxx www.xxx;
  location /fun { # must match the path in the V2Ray wsSettings
    if ($http_upgrade != "websocket") { # return 404 when the request is not a WebSocket upgrade
        return 404;
    }
    proxy_redirect off;
    # With SELinux enforcing, this connect() can be refused by policy; the
    # error.log on this page shows it as "(13: Permission denied)" and the
    # client sees 502 Bad Gateway.
    proxy_pass http://127.0.0.1:10000; # assumes the V2Ray WebSocket inbound listens on loopback port 10000
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
    # Show real IP in v2ray access.log
    proxy_set_header X-Real-IP $remote_addr;
    # $proxy_add_x_forwarded_for appends $remote_addr to whatever
    # X-Forwarded-For header the client sent, so only the last entry is set by
    # this server; earlier entries are client-controlled.
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }

  # Static site served for all paths other than /fun.
  location / {
    root /data/html5-canvas-spiral/;
  }

    ssl_certificate /etc/letsencrypt/live/xxx/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/xxx/privkey.pem; # managed by Certbot
}

access.log

xxx - - [24/Apr/2020:18:02:49 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:03 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:04 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:05 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:06 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:07 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:09 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:09 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:10 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:11 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"
xxx - - [24/Apr/2020:18:03:12 +0800] "GET /fun HTTP/1.1" 502 173 "-" "Go-http-client/1.1" "-"

error.log

2020/04/24 18:03:44 [crit] 16232#0: *2392 connect() to 127.0.0.1:10000 failed (13: Permission denied) while connecting to upstream, client: xxx, server: xxx, request: "GET /fun HTTP/1.1", upstream: "http://127.0.0.1:10000/fun", host: "xxx"
2020/04/24 18:03:45 [crit] 16232#0: *2394 connect() to 127.0.0.1:10000 failed (13: Permission denied) while connecting to upstream, client: xxx, server: xxx, request: "GET /fun HTTP/1.1", upstream: "http://127.0.0.1:10000/fun", host: "xxx"
2020/04/24 18:03:46 [crit] 16232#0: *2396 connect() to 127.0.0.1:10000 failed (13: Permission denied) while connecting to upstream, client: xxx, server: xxx, request: "GET /fun HTTP/1.1", upstream: "http://127.0.0.1:10000/fun", host: "xxx"

9) 如果 V2Ray 无法启动,请附上 --test 输出。

可以启动

10) 如果 V2Ray 服务运行不正常,请附上 journal 日志。

Apr 24 17:07:38 vultrguest systemd[1]: Started V2Ray - A unified platform for anti-censorship.
Apr 24 17:07:38 vultrguest v2ray[15163]: V2Ray 4.23.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13 linux/amd64)
Apr 24 17:07:38 vultrguest v2ray[15163]: A unified platform for anti-censorship.
Apr 24 17:07:39 vultrguest v2ray[15163]: 2020/04/24 17:07:39 [Info] v2ray.com/core/common/platform/ctlcmd: <v2ctl message>
Apr 24 17:07:39 vultrguest v2ray[15163]: v2ctl> Read config:  /etc/v2ray/config.json
Apr 24 17:07:39 vultrguest v2ray[15163]: 2020/04/24 17:07:39 [Warning] v2ray.com/core: V2Ray 4.23.1 started
Apr 24 17:27:23 vultrguest systemd[1]: Stopping V2Ray - A unified platform for anti-censorship...
Apr 24 17:27:23 vultrguest systemd[1]: Stopped V2Ray - A unified platform for anti-censorship.
Apr 24 17:27:23 vultrguest systemd[1]: Started V2Ray - A unified platform for anti-censorship.
Apr 24 17:27:23 vultrguest v2ray[16000]: V2Ray 4.23.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13 linux/amd64)
Apr 24 17:27:23 vultrguest v2ray[16000]: A unified platform for anti-censorship.
Apr 24 17:27:23 vultrguest v2ray[16000]: 2020/04/24 17:27:23 [Info] v2ray.com/core/common/platform/ctlcmd: <v2ctl message>
Apr 24 17:27:23 vultrguest v2ray[16000]: v2ctl> Read config:  /etc/v2ray/config.json
Apr 24 17:27:24 vultrguest v2ray[16000]: 2020/04/24 17:27:24 [Warning] v2ray.com/core: V2Ray 4.23.1 started
Apr 24 17:56:58 vultrguest systemd[1]: Stopping V2Ray - A unified platform for anti-censorship...
Apr 24 17:56:58 vultrguest systemd[1]: Stopped V2Ray - A unified platform for anti-censorship.
Apr 24 17:56:58 vultrguest systemd[1]: Started V2Ray - A unified platform for anti-censorship.
Apr 24 17:56:58 vultrguest v2ray[17265]: V2Ray 4.23.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13 linux/amd64)
Apr 24 17:56:58 vultrguest v2ray[17265]: A unified platform for anti-censorship.
Apr 24 17:56:58 vultrguest v2ray[17265]: 2020/04/24 17:56:58 [Info] v2ray.com/core/common/platform/ctlcmd: <v2ctl message>
Apr 24 17:56:58 vultrguest v2ray[17265]: v2ctl> Read config:  /etc/v2ray/config.json
Apr 24 17:56:58 vultrguest v2ray[17265]: 2020/04/24 17:56:58 [Warning] v2ray.com/core: V2Ray 4.23.1 started
Apr 24 18:00:33 vultrguest systemd[1]: Stopping V2Ray - A unified platform for anti-censorship...
Apr 24 18:00:33 vultrguest systemd[1]: Stopped V2Ray - A unified platform for anti-censorship.
Apr 24 18:00:33 vultrguest systemd[1]: Started V2Ray - A unified platform for anti-censorship.
Apr 24 18:00:33 vultrguest v2ray[17403]: V2Ray 4.23.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13 linux/amd64)
Apr 24 18:00:33 vultrguest v2ray[17403]: A unified platform for anti-censorship.
Apr 24 18:00:33 vultrguest v2ray[17403]: 2020/04/24 18:00:33 [Info] v2ray.com/core/common/platform/ctlcmd: <v2ctl message>
Apr 24 18:00:33 vultrguest v2ray[17403]: v2ctl> Read config:  /etc/v2ray/config.json
Apr 24 18:02:04 vultrguest systemd[1]: Stopping V2Ray - A unified platform for anti-censorship...
Apr 24 18:02:04 vultrguest systemd[1]: Stopped V2Ray - A unified platform for anti-censorship.
Apr 24 18:02:04 vultrguest systemd[1]: Started V2Ray - A unified platform for anti-censorship.
Apr 24 18:02:04 vultrguest v2ray[17489]: V2Ray 4.23.1 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.13 linux/amd64)
Apr 24 18:02:04 vultrguest v2ray[17489]: A unified platform for anti-censorship.
Apr 24 18:02:04 vultrguest v2ray[17489]: 2020/04/24 18:02:04 [Info] v2ray.com/core/common/platform/ctlcmd: <v2ctl message>
Apr 24 18:02:04 vultrguest v2ray[17489]: v2ctl> Read config:  /etc/v2ray/config.json
liusx73 commented 4 years ago

域名https是可以正常访问的

liusx73 commented 4 years ago

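再去看文档后发现是 SELinux 的限制:nginx error.log 里的 connect() to 127.0.0.1:10000 failed (13: Permission denied) 说明 nginx 被禁止连接上游端口。执行 setsebool -P httpd_can_network_connect 1 后可以了。注意这个布尔值放开的是 Web 服务器域发起的所有 TCP 出站连接,而不只是 10000 端口;-P 会让设置在重启后依然生效。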