stackoom
  简体   繁体   中英

Websocket only work with ws:// but not with wss://

 原文  2019-03-15 11:56:18       ruby-on-rails/ apache/ ssl/ websocket

Question

I have one site configured to work with ssl. Every request that I receive I redirect to https. Recently I implemented a websocket on it, and it work fine on development, so when I put in production I started to get this error Firefox can't establish a connection to the server at wss://

I created a new file locale only to connect o my websocket that is in production. When I connetc using ws://domain it work, when i change to wss://domain I got the error message.

I'm using ubuntu 18:04, Apache/2.4.18 and Rails action cable.

My Vhost is 

<VirtualHost *:80>
    ServerName domain.com
    ServerAlias www.domain.com
    ServerAdmin contato@domain.com
    DocumentRoot /var/www/domain.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/

    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
    ServerName domain.com
    ServerAlias www.domain.com
    ServerAdmin contato@domain.com
    DocumentRoot /var/www/domain.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass / http://127.0.0.1:8080/
    ProxyPassReverse / http://127.0.0.1:8080/

    ProxyPass /cable/  wss://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ wss://127.0.0.1:28080/cable/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

On localhost out of the domain If I call exampleSocket = new WebSocket("wss://domain.com/cable/"); I get Firefox can't establish a connection to the server at wss:// , but if I call exampleSocket = new WebSocket("ws://domain.com/cable/"); the connection work.

On site if I call exampleSocket = new WebSocket("ws://domain.com/cable/"); , it dont work because of the ssl, and I get SecurityError: The operation is insecure.

Anyone can help with this?

2 answers

solution1
 0  2019-03-15 12:30:26

<VirtualHost *:80>
    ...
    ProxyPass / http://127.0.0.1:8080/
    ...
    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ...
<VirtualHost *:443>
    ...
    ProxyPass / http://127.0.0.1:8080/
    ...
    ProxyPass /cable/  wss://127.0.0.1:28080/cable/

It is unlikely that your unknown Websocket server can do both ws:// and wss:// on the same port 28080. It is more likely that it can do only ws:// , ie you should forward to ws:// for both port 80 and 443. Note that this is similar to what you are already correctly doing for the normal traffic: both port 80 and port 443 is forwarded to the internal http:// and not not one to http:// and the other to https:// .

solution2
 0  2019-03-15 19:01:41

I fixed the problem. Everything was going wrong because of the order of the proxypass on apache configuration file. I changed the file to this 

<VirtualHost *:80>
    ServerName suaradioonline.com
    ServerAlias www.suaradioonline.com
    ServerAdmin contato@suaradioonline.com.br
    DocumentRoot /var/www/suaradioonline.com/public
    ProxyRequests off
    ProxyPreserveHost On
    LogLevel error

    <Location />
        Order allow,deny
        Allow from all
        Require all granted
    </Location>

    ProxyPass /cable/  ws://127.0.0.1:28080/cable/
    ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

    ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
        ServerName suaradioonline.com
        ServerAlias www.suaradioonline.com
        ServerAdmin contato@suaradioonline.com.br
        DocumentRoot /var/www/suaradioonline.com/public
        ProxyRequests off
        ProxyPreserveHost On
        LogLevel error

        <Location />
            Order allow,deny
            Allow from all
            Require all granted
        </Location>

        ProxyPass /cable/  ws://127.0.0.1:28080/cable/
        ProxyPassReverse /cable/ ws://127.0.0.1:28080/cable/

        ProxyPass / http://127.0.0.1:8080/
        ProxyPassReverse / http://127.0.0.1:8080/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

It occur beacause of the ProxyPass / match in all requests that are incoming and the request /cable/ was never reached.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Using em-websocket gem can't change connection to 'ws://' RUBY WebSocket connection to 'ws://example.com/cable' failed: Unexpected response code: 404 Faye, websocket connection problems: can't establish connection with ws://localhost:9292/faye WebSocket connection to 'ws://localhost:35729/livereload' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED Make WebSocket work with Ruby on Rails vs Puma and Nginx Websocket-rails doesn't work on production evironment with Nginx and Unicorn Method broadcast_message in a rails app with websocket_rails gem don't work Javascript will only work after refreshing the page Is this OpenTokRTC javascript framework only? Or will it work on Rails too? Is a redis instance can only work for 1 project?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM