RE: Websockets not working with Apache proxypass, keep getting 400.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hello,

You may need to use SSLProxyCheckPeerCN / SSLProxyCheckPeerName off

 

 

From: Weare Borg [mailto:kernelfreak@xxxxxxxxx]
Sent: 25 August 2017 09:14
To: users@xxxxxxxxxxxxxxxx
Subject: [users@httpd] Websockets not working with Apache proxypass, keep getting 400.

 

Distribution : Debian server. 3.2.0-4-amd64 #1 SMP Debian 3.2.73-2+deb7u2 x86_64 GNU/Linux

Server version: Apache/2.2.22 (Debian)

Hello friends,

I am working on integrating Websocket based functionality into our Spring-MVC application. It works on my localhost, where I neither have SSL, nor apache web server with ProxyPass.

We have a library called cometd which supports websocket functionality which we are trying to make it work.

When I add it on the server, the situation changes, with proxypass, whenever I try to make the connection from https go to wss, it doesn't work and I keep getting a 400. What am I doing wrong?

I had added the same question on SO, but didn't got any good answer even after a bounty, hoping something more would be here. Question link :  QuestionLink

 

000-default.conf

<VirtualHost *:443>
ServerName www.oursite.de
ServerAlias oursite.de
ProxyRequests off
ProxyPreserveHost On
<Proxy https://www.oursite.de:8444/>
Order deny,allow
Allow from all
</Proxy>
ProxyPass /nagios !
ProxyReceiveBufferSize 4096
ErrorDocument 503 /error/message.html
ProxyPass /error/ !
ProxyPass /error/message.html !
 
SSLEngine on
SSLProxyEngine on
SSLCertificateFile /etc/letsencrypt/live/www.oursite.de-0002/cert.crt
SSLCertificateKeyFile /etc/letsencrypt/live/www.oursite.de-0002/private.key
SSLCertificateChainFile /etc/letsencrypt/live/www.oursite.de-0002/chain.pem
 
ProxyPass / https://localhost:8444/
ProxyPassReverse / https://localhost:8444/
 
ProxyPass /cometd/ wss://localhost:8444/cometd/
ProxyPassReverse /cometd wss://localhost:8444/cometd/
 
<Location / >
Order allow,deny
Allow from all
</Location>
</VirtualHost>

 

As we have 3 different applications running on the same server, application running on port 8444 is the one where we have cometd instance running. The URL is always /cometd, and it's calculated in this manner :

 

var cometURL = location.protocol + "//" + location.host+ config.contextPath + "/cometd";

 

If there is anything else required. Kindly let me know. Thanks. 


[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux