Menu
Thanks in advance for any help.
I am attempting to use Apache as a proxy between the web browser using WSS and a backend WS server process.
Browser <---WSS---> Apache <---WS---> RabbitMQ Stomp
I have HTTPS properly set up in Apache and serving up pages via 443.
In the Apache site config: .../sites-enabled/site.conf
<VirtualHost *:80>
RewriteEngine on
RewriteCond %{SERVER_NAME} =MYSERVER.com [OR]
RewriteCond %{SERVER_NAME} =www.MYSERVER.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>
<VirtualHost *:443>
SSLEngine On
SSLProxyEngine On
SSLCertificateFile /etc/letsencrypt/live/MYSERVER.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/MYSERVER.com/privkey.pem
Redirect /wss /wss/
ProxyPass /wss/ ws://127.0.0.1:15674/stomp/websocket/
ProxyPassReverse /ws/ wss://127.0.0.1:15674/stomp/websocket/
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
ServerName MYSERVER.com
ServerAlias www.MYSERVER.com
</VirtualHost>
Javascript in browser:
<script>
var ws = new WebSocket('wss://MYSERVER.com:443/wss');
var client = Stomp.over(ws);
In the Chrome debugger I see: WebSocket connection to 'wss://MYSERVER.com/wss' failed: Error during WebSocket handshake: Unexpected response code: 302
This is working great using just ws pointed directly at the backend, but I need to get wss working.
I tried to get a similar solution to this example, but was unable: Apache: Proxy websocket wss to ws
300
The wss protocol establishes a WebSocket over an encrypted TLS connection, while the ws protocol uses an unencrypted connection. At this point, the network connection remains open and can be used to send WebSocket messages in either direction.
WebSocket over a Forward Proxy. WebSocket communication can take successfully take place in the presence of forward proxies, providing the client and proxy server have been configured properly to deal with it.
Today, most transparent proxy servers will not yet be familiar with the Web Socket protocol and these proxy servers will be unable to support the Web Socket protocol. In the future, however, proxy servers will likely become Web Sockets-aware and able to properly handle and forward WebSocket traffic.
Apache server supports the module "mod_proxy_wstunnel" from the version 2.4. 10. This module requires the service of "mod_proxy". It provides support for the tunneling of web socket connections to a backend websockets server.
This line Redirect /wss /wss/ adds a trailing slash to /wss if not present (by default, it's a 302 redirect). And you're trying to connect to wss://MYSERVER.com:443/wss, which explains the redirect.
Solution:
try connecting to wss://MYSERVER.com:443/wss/ (with the trailing slash). This should now work as expected.
93
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
