I'm so lost and new to building NGINX on my own but I want to be able to enable secure websockets without having an additional layer.
I don't want to enable SSL on the websocket server itself but instead I want to use NGINX to add an SSL layer to the whole thing.
Every web page out there says I can't do it, but I know I can! Thanks to whoever (myself) can show me how!
WebSocket over a Reverse Proxy. WebSocket communication can take place over any reverse proxy which is configured to perform forwarding at the transport layer. Some proxies are able to handle WebSocket communication from certain clients at the application layer.
NGINX supports WebSocket by allowing a tunnel to be set up between both client and back-end servers. NGINX will send the Upgrade request from the client to the back-end server, the Upgrade and Connection headers must be set explicitly. Once this is done, NGINX deals with this as a WebSocket connection.
WebSocket over a Forward Proxy. WebSocket communication can take successfully take place in the presence of forward proxies, providing the client and proxy server have been configured properly to deal with it.
An SSL certificate is required for the WebSocket WSS (WebSocket Security) protocol to work in production environments that use the HTTPS protocol for the website. If your website uses an SSL certificate, you'll be required to use the WSS protocol for secure communications.
Just to note that nginx has now support for Websockets on the release 1.3.13. Example of use:
location /websocket/ { proxy_pass http://backend_host; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_read_timeout 86400; }
You can also check the nginx changelog and the WebSocket proxying documentation.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With