Author Topic: Websocket ssl on nginx  (Read 11615 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Websocket ssl on nginx
« on: July 30, 2020, 02:41:35 PM »
I'm trying to start a websocket, but in https it doesn't work.

Code: [Select]
WebSocket connection to 'wss://myurl.com.br:8585/' failed: WebSocket opening handshake timed out

I've been researching and I saw that you have to make a configuration in ngnix, but I didn't find where to make this configuration in the domain,

https://www.nginx.com/blog/websocket-nginx/

Offline
*****
Re: Websocket ssl on nginx
« Reply #1 on: September 05, 2020, 06:50:11 AM »
What exactly do you trying to do and for what?
You can ask me to solve any problem with your server for some money in pm  ;)
Services Monitoring & RBL Monitoring
http://centos-webpanel.com/services-monitor
Join our Development Team and get paid !
http://centos-webpanel.com/develope-modules-for-cwp

Installation Instructions
http://centos-webpanel.com/installation-instructions
Get Fast Support Here
http://centos-webpanel.com/support-services

Offline
*
Re: Websocket ssl on nginx
« Reply #2 on: December 12, 2020, 11:59:04 PM »
What exactly do you trying to do and for what?
I have the same problem.
So, my CWP panel was configured as:

Quote
Nginx & Apache
Additional Options: php-cgi/suphp, nginx/php-fpm, apache/php-fpm, proxy
HTTP: Nginx (80) --> Apache (8181)
HTTPS: Nginx (443) --> Apache (8181)

I want to run a WebSocket application that using localhost address 0.0.0.0:8282 for communication
So I have put a cron job to run my chatserver websocket app using a command:

Code: [Select]
php index.php chatserver server
Now I can see that the chatserver is run:
Quote
Running server on host 0.0.0.0:8282

But in the browser client side I can see an error like that:

Quote
WebSocket connection to 'wss://***.***:8282/?***' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED
socket.js?v=***:** WebSocket connection to 'wss://***.***:8282/?***' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED

Looks like nginx doesn't let to pass the socket connection on the port 8282.
Could you please to help me to change the nginx configuration file of the specific domain that works over SSL to successfully establish websocket connection to the port 8282 and connected to my localhost chatserver.
I will appreciate for any help.

Offline
*****
Re: Websocket ssl on nginx
« Reply #3 on: December 13, 2020, 06:02:42 AM »
socket.io and wss will work fine with nginx just you need to create complete vhost template by your own.

Offline
*
Re: Websocket ssl on nginx
« Reply #4 on: December 13, 2020, 06:08:32 AM »
Could you give me an example, please? I already spent the last 3 hours and still didn't find a solution. I mean example of template in case if the chat app gonna work from the wss://***.com:8282
How to make a port forwarding through ngnix to apache?

Offline
*****
Re: Websocket ssl on nginx
« Reply #5 on: December 13, 2020, 06:12:16 AM »
templates are stored here
http://wiki.centos-webpanel.com/webservers-vhost-templates

check with your script provider for proper documentation config for nginx towards your script

Offline
*
Re: Websocket ssl on nginx
« Reply #6 on: December 13, 2020, 06:45:10 AM »
There is no script provider, I am writing a chat application and it works without any problem on my xampp, but I am getting stucked with Nginx port forwarder through SSL connection.
Briefly I am running a chatserver on my server (using boot cron task) under the name of the domainuser.

Code: [Select]
php index.php chatserver server

After running I am getting a message:

Quote
Running server on host 0.0.0.0:8282

When I am opening a browser I am getting errors like that:
Quote
app.js?v=1222333591:101 WebSocket connection to 'wss://***.***:8282/?access_token=1)%28?%2A' failed: WebSocket opening handshake timed out
So, if I understood correctly I need to tell to nginx that all requests to ****.com:8282 should be forwarded directly to localhost 0.0.0.0:8282   ???

Offline
*****
Re: Websocket ssl on nginx
« Reply #7 on: December 13, 2020, 08:19:14 AM »
did ytou opened the port 8282 in firewall ?

Offline
*
Re: Websocket ssl on nginx
« Reply #8 on: December 13, 2020, 02:00:53 PM »
Yes, it is opened. Even when the firewall is switched off it doesn't work...

Offline
*
Re: Websocket ssl on nginx
« Reply #9 on: December 13, 2020, 02:08:43 PM »
I found some useful information, but still didn't figure out how to add it considering CWP nginx existing configuration:

WebSocket proxying
http://nginx.org/en/docs/http/websocket.html

NGINX to reverse proxy websockets AND enable SSL (wss://)?
https://stackoverflow.com/questions/12102110/nginx-to-reverse-proxy-websockets-and-enable-ssl-wss


Offline
*****
Re: Websocket ssl on nginx
« Reply #10 on: December 13, 2020, 02:24:35 PM »
as i mentioned above you need to create template, as this tasks are not free.

Offline
*
Re: Websocket ssl on nginx
« Reply #11 on: December 13, 2020, 03:03:49 PM »
Well, I think I am not the first one who is asking about Nginx + SSL + Websockets here in the forum. But so far all of those subjects without clean answer or without an answer at all. ¯\_(ツ)_/¯
I think that should be integrated into the CWP. I mean the possibility to add port forwarding. Anyway could you please give me a template example of the port forwarding through the templates?
I have tried to add at the end of the
Code: [Select]
/etc/nginx/conf.d/vhosts/holistic.chat.ssl.conf
That description:

Code: [Select]
server {
          server_name ***.***;
                  location / {
                           proxy_pass http://0.0.0.0:8282;
                  }
listen [::]:443 ssl;
        listen 443 ssl;
        ssl_certificate      /etc/pki/tls/certs/***.***.bundle;
ssl_certificate_key  /etc/pki/tls/private/***.***.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    }

But it doesn't work.
« Last Edit: December 13, 2020, 03:07:06 PM by rs »

Offline
*
Re: Websocket ssl on nginx
« Reply #12 on: August 05, 2022, 08:56:55 PM »
Hello. I've found a way to redirect the server's websocket port to port 80 (or wss to 443).
On the vhosts conf file (WebServers Conf Editor > /etc/nginx/conf.d/vhosts/ tab), you should locate the location / { ... } part.

Replace the entire location / { ... } part with this:

Code: [Select]
location / {
  proxy_set_header HOST $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_pass_request_headers on;
  proxy_pass http://YOUR_SERVER_IP:WEBSOCKET_PORT;
  proxy_http_version 1.0;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "Upgrade";
}

You should change only YOUR_SERVER_IP and WEBSOCKET_PORT part with the respective information. Leave the rest as it is. If you are editing the SSL conf file, instead of http you should use https.

It is working for me. I just wish someone directed me as how to create a template from this, to be able to use the CWP ui to set this config instead of by hand.
« Last Edit: August 05, 2022, 08:59:50 PM by pswerlang »