Question posted in
Some documentation to get you started can be found here.

Websocket only work with ws:// but not with wss:// – Apache

I have one site configured to work with ssl. Every request that I receive I redirect to https. Recently I implemented a websocket on it, and it work fine on development, so when I put in production I started to get this error Firefox can’t establish a connection to the server at wss://

I created a new file locale only to connect o my websocket that is in production. When I connetc using ws://domain it work, when i change to wss://domain I got the error message.

I’m using ubuntu 18:04, Apache/2.4.18 and Rails action cable.

My Vhost is

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/domain.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/

    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerName domain.com
    ServerAlias www.domain.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/domain.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/

    ProxyPass /cable/  wss://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ wss://127.0.0.1:28080/cable/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

On localhost out of the domain If I call exampleSocket = new WebSocket("wss://domain.com/cable/"); I get Firefox can’t establish a connection to the server at wss://, but if I call exampleSocket = new WebSocket("ws://domain.com/cable/"); the connection work.

On site if I call exampleSocket = new WebSocket("ws://domain.com/cable/");, it dont work because of the ssl, and I get SecurityError: The operation is insecure.

Anyone can help with this?

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    I fixed the problem. Everything was going wrong because of the order of the proxypass on apache configuration file. I changed the file to this

    <VirtualHost *:80>
    ServerName suaradioonline.com
    ServerAlias www.suaradioonline.com
    ServerAdmin [email protected]
    DocumentRoot /var/www/suaradioonline.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

    ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
        ServerName suaradioonline.com
        ServerAlias www.suaradioonline.com
        ServerAdmin [email protected]
        DocumentRoot /var/www/suaradioonline.com/public
        ProxyRequests off
        ProxyPreserveHost On
        LogLevel error

        <Location />
            Order allow,deny
            Allow from all
            Require all granted
        </Location>

        ProxyPass /cable/  ws://127.0.0.1:28080/cable/
        ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

        ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

    It occur beacause of the ProxyPass / match in all requests that are incoming and the request /cable/ was never reached.


  2. 0 
    <VirtualHost *:80>
    ...
    ProxyPass / http://127.0.0.1:8080/
    ...
    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ...
<VirtualHost *:443>
    ...
    ProxyPass / http://127.0.0.1:8080/
    ...
    ProxyPass /cable/  wss://127.0.0.1:28080/cable/

    It is unlikely that your unknown Websocket server can do both ws:// and wss:// on the same port 28080. It is more likely that it can do only ws://, i.e. you should forward to ws:// for both port 80 and 443. Note that this is similar to what you are already correctly doing for the normal traffic: both port 80 and port 443 is forwarded to the internal http:// and not not one to http:// and the other to https://.

    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search