CWP: SSL + WebSocket + Ngnix

Question

My CentOS 7 + CWP panel configured as:

Nginx & Apache Additional Options: php-cgi/suphp, nginx/php-fpm, apache/php-fpm, proxy HTTP: Nginx (80) --> Apache (8181) HTTPS: Nginx (443) --> Apache (8181)

I want to run a WebSocket application that using localhost address 0.0.0.0:8282 for communication So I have put a cron job to run my chatserver WebSocket app on each server boot using a command:

PHP index.php chatserver server

In the SSH console I can see that the server run without any issues:

Running server on host 0.0.0.0:8282

But in the browser client side I can see an error like that:

WebSocket connection to 'wss:// . :8282/? ' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED socket.js?v= :** WebSocket connection to 'wss:// . :8282/?***' failed: Error in connection establishment: net::ERR_CONNECTION_REFUSED

Looks like Nginx doesn't let to pass the socket connection on the port 8282. Could you please to help me to change the Nginx configuration file of the specific domain that works over SSL to successfully establish WebSocket connection to the port 8282 and connected to my localhost chatserver. I will appreciate any help.

Answer 1

The error dictates that the websocket could not connect via port 8282 you need to set up a TLS certificate for this since WebRTC requires secure connection.

I believe the answer to your question is here - How to Create Secure(TLS/SSL) Websocket Server

Answer 2

I've found a way to redirect the server's websocket port to port 80 (or wss to 443) using nginx and CWP.

On the vhosts conf file (WebServers Conf Editor > /etc/nginx/conf.d/vhosts/ tab), you should locate the location / {... } part.

Replace the entire location / {... } part with this:

location / {
  proxy_set_header HOST $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Forwarded-Proto $scheme;
  proxy_pass_request_headers on;
  proxy_pass http://YOUR_SERVER_IP:WEBSOCKET_PORT;
  proxy_http_version 1.0;
  proxy_set_header Upgrade $http_upgrade;
  proxy_set_header Connection "Upgrade";
}

You should change only YOUR_SERVER_IP and WEBSOCKET_PORT part with the respective information. Leave the rest as it is. If you are editing the SSL conf file, instead of http you should use https .