https-portal icon indicating copy to clipboard operation
https-portal copied to clipboard

Published 20 hours ago verified publisher icon SteveLTN

WebSocket and SSL certificate

Open pinkynrg opened this issue 5 years ago • 6 comments

I would like to solve this issue as this gentleman explains but i don't know how to do it. Any suggestions? Thanks

https://github.com/socketio/socket.io/issues/1942#issuecomment-82352072

pinkynrg avatar Nov 19 '19 06:11 pinkynrg

Sorry, I don't really understand what you question is.

SteveLTN avatar Nov 19 '19 09:11 SteveLTN

I need to add this settings to the nginx that is doing the reverse proxy in order for the web sockets to work. How can I do it?

proxy_pass http://localhost:8080 ;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}

pinkynrg avatar Nov 19 '19 10:11 pinkynrg

Any updates here ?

I need to add this settings to the nginx that is doing the reverse proxy in order for the web sockets to work. How can I do it?

proxy_pass http://localhost:8080 ;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}

It looks like this is handled already meaning another solution is needed. Default nginx config ..relevent code..

    location / {
        <% if ENV['DYNAMIC_UPSTREAM'] && ENV['DYNAMIC_UPSTREAM'].downcase == 'true' %>
        set $backend <%= domain.upstream %>;
        proxy_pass $backend;
        <% else %>
        proxy_pass <%= domain.upstream %>;
        <% end %>
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        <% if ENV['WEBSOCKET'] && ENV['WEBSOCKET'].downcase == 'true' %>
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "Upgrade";
        proxy_read_timeout 2h;
        <% end %>
    }

source

@SteveLTN any ides ?

SecurityError: Failed to construct 'WebSocket': An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.

Error from simple npx create-react-app

jmayergit avatar Dec 11 '19 04:12 jmayergit

I am not sure. As @jmayergit mentioned you can just set ‘WEBSOCK=true’ to have the headers. But why react reports error I don’t know.

SteveLTN avatar Dec 11 '19 07:12 SteveLTN

I should have clarified that I'm running in a development environment. Production works as expected

jmayergit avatar Dec 11 '19 08:12 jmayergit

I guess it has something to do with the local self-signed certificate. Since the self-signed certificates are not trusted by browsers by default, it may refuse to connect via websocket . Maybe you can try manually trust the certificates?

On Wed, 11 Dec 2019 at 9:09 AM Julien Mayer [email protected] wrote:

I should have clarified that I'm running in a development environment. Production works as expected

— You are receiving this because you were mentioned.

Reply to this email directly, view it on GitHub https://github.com/SteveLTN/https-portal/issues/215?email_source=notifications&email_token=AAD4AZZHGOISKKVDETHWLBTQYCN2HA5CNFSM4JO6XMQ2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEGSHQMA#issuecomment-564426800, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAD4AZ6IX3JLRLQVJMUBMX3QYCN2HANCNFSM4JO6XMQQ .

SteveLTN avatar Dec 11 '19 09:12 SteveLTN