Home > database >  nginx websocket config - wss config in nginx
nginx websocket config - wss config in nginx

Time:04-20

I am trying to configure my nginx server so that i can use wss for my domain:

server {
    listen [::]:80;
    listen 80;

    server_name example.com www.example.com;

    location /.well-known/acme-challenge {
        allow all; 
        root /var/www/certbot;
    }

    # redirect http to https www
    return 301 https://www.example.com$request_uri;
}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name example.com;

    # SSL code
    ssl_certificate /etc/nginx/ssl/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/live/example.com/privkey.pem;

    root /var/www/html;

    location / {
        index index.html;
    }
    return 301 https://www.example.com$request_uri;
}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name www.example.com;

    # SSL code
    ssl_certificate /etc/nginx/ssl/live/example.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/live/example.com/privkey.pem;

    root /var/www/html;

    location / {
        index index.html;
    }
    location /ph/ { 
    proxy_pass http://xxx.xxx.xxx.xx:3000/;
    }
    
   # websocket
   location /ph/socket/ {
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $host;

      proxy_pass https://ws-backend;

      proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
   }
} 

upstream ws-backend {
    server xxx.xxx.xxx.xx:3000;
}

But I am getting this error:

web_1 | 2022/04/18 00:40:53 [error] 24#24: *11 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client: 42.xxx.xxx.xxx, server: www.example.com, request: "GET /ph/socket//websocket?vsn=2.0.0 HTTP/1.1", upstream: "https://xxx.xxx.xxx.xx:3000/ph/socket//websocket?vsn=2.0.0", host: "www.example.com"

How can I resolve this?

CodePudding user response:

According to this answer, consider changing your

proxy_pass https://ws-backend;

to

proxy_pass http://ws-backend;

  • Related