I am trying to configure my nginx server so that i can use wss for my domain:
server {
listen [::]:80;
listen 80;
server_name example.com www.example.com;
location /.well-known/acme-challenge {
allow all;
root /var/www/certbot;
}
# redirect http to https www
return 301 https://www.example.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name example.com;
# SSL code
ssl_certificate /etc/nginx/ssl/live/example.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/example.com/privkey.pem;
root /var/www/html;
location / {
index index.html;
}
return 301 https://www.example.com$request_uri;
}
server {
listen [::]:443 ssl http2;
listen 443 ssl http2;
server_name www.example.com;
# SSL code
ssl_certificate /etc/nginx/ssl/live/example.com/fullchain.pem;
ssl_certificate_key /etc/nginx/ssl/live/example.com/privkey.pem;
root /var/www/html;
location / {
index index.html;
}
location /ph/ {
proxy_pass http://xxx.xxx.xxx.xx:3000/;
}
# websocket
location /ph/socket/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass https://ws-backend;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
upstream ws-backend {
server xxx.xxx.xxx.xx:3000;
}
But I am getting this error:
web_1 | 2022/04/18 00:40:53 [error] 24#24: *11 SSL_do_handshake() failed (SSL: error:1408F10B:SSL routines:ssl3_get_record:wrong version number) while SSL handshaking to upstream, client: 42.xxx.xxx.xxx, server: www.example.com, request: "GET /ph/socket//websocket?vsn=2.0.0 HTTP/1.1", upstream: "https://xxx.xxx.xxx.xx:3000/ph/socket//websocket?vsn=2.0.0", host: "www.example.com"
How can I resolve this?
CodePudding user response:
According to this answer, consider changing your
proxy_pass https://ws-backend;
to
proxy_pass http://ws-backend;