I am having a problem in connecting through WSS to my server. I followed the following article to setup nginx with websockets: http://www.letseehere.com/reverse-proxy-web-sockets
The following is my nginx config which serves a Play! application:
#user  nobody;
worker_processes  1;  
error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections  1024;
}
tcp {
     upstream websockets {
      ## Play! WS location
       server 127.0.0.1:9000;
     }    
    server {
        listen 80; 
        listen 8000;
        server_name socket.domain.com;
        tcp_nodelay on; 
        proxy_pass websockets;
        proxy_send_timeout 300;
    }   
     # virtual hosting
     #include /usr/local/nginx/vhosts/*;
}
http {
  server {
        listen 443 ssl;
        server_name socket.artoo.in;
        ssl_certificate      /usr/local/nginx/key/socket.domain.com.crt;
        ssl_certificate_key  /usr/local/nginx/key/socket.domain.com.key;
        ssl_session_timeout  5m;
        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
        ssl_prefer_server_ciphers   on;
        location / {
            proxy_pass http://127.0.0.1:9000;
        }
  }
}
While the server is accessible on http://socket.domain.com, https://socket.domain.com, ws://socket.domain.com but not wss://socket.domain.com
NGINX supports WebSocket by allowing a tunnel to be set up between both client and back-end servers. NGINX will send the Upgrade request from the client to the back-end server, the Upgrade and Connection headers must be set explicitly. Once this is done, NGINX deals with this as a WebSocket connection.
WebSocket over a Reverse Proxy. WebSocket communication can take place over any reverse proxy which is configured to perform forwarding at the transport layer. Some proxies are able to handle WebSocket communication from certain clients at the application layer.
WebSocket over a Forward Proxy. WebSocket communication can take successfully take place in the presence of forward proxies, providing the client and proxy server have been configured properly to deal with it.
The wss protocol establishes a WebSocket over an encrypted TLS connection, while the ws protocol uses an unencrypted connection. At this point, the network connection remains open and can be used to send WebSocket messages in either direction.
I was able to put together a guide in Q&A format that shows you how to do all of this with NGINX modules, much easier ;)
NGINX to reverse proxy websockets AND enable SSL (wss://)?
You will need to rebuild NGINX and follow the config in the question above.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With