Hi!I have a tomcat application running that accepts websockets. In front of this application I'm running apache as a reverse proxy. SSL is configured in apache, and my tomcat knows nothing about SSL.
In the usual web traffic case, everything works just as expected - the SSL connection terminates in apache and the request is forwarded to tomcat using plain http. However, this approach doesn't seem to work when it comes to websockets - the upgrade requests return 403 with no further elaboration in the log.
This is the proxy part of my vhost config: <VirtualHost *:443> ...ProxyPass "/george/ws/sender" "http://localhost:8080/george/ws/sender"; upgrade=websocket ProxyPass "/george/ws/receiver" "http://localhost:8080/george/ws/receiver"; upgrade=websocket
</VirtualHost>I have succeeded in getting things working if I configure SSL in tomcat as well:
<VirtualHost *:443> ...ProxyPass "/george/ws/sender" "https://localhost:8443/george/ws/sender"; upgrade=websocket ProxyPass "/george/ws/receiver" "https://localhost:8443/george/ws/receiver"; upgrade=websocket
</VirtualHost>Administrivia makes configuring SSL in tomcat undesirable, so my question is if it's possible to get websockets to behave similarly to SSL, with apache terminating the encryption layer and passing on an unsecured websocket internally? If it's possible, how?
Server version: Apache/2.4.57 (Debian) Server built: 2023-04-13T03:26:51Relevant documentation: https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#wsupgrade
Regards, Erik Thuning --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|