Reputation: 43
Accessing non-SSL socket.io (nodejs) server from SSL Apache request, same host
I am turning around this problem for hours and can't find any solution.
I have a socket.io server running on nodejs, listening to non-SSL port 8080, and started just as follows:
var io = require('socket.io').listen(8080);
I connect to the socket.io server via Apache, using proxy:
<VirtualHost *:443>
ServerName www.mysite.com
DocumentRoot /var/www/vhosts/mysite
ErrorLog logs/mysite.log
TransferLog logs/ssl.access.log
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
SSLCertificateFile /etc/pki/tls/certs/mysite.crt
SSLCertificateKeyFile /etc/pki/tls/private/mysite.key
SSLCertificateChainFile /etc/pki/tls/certs/geotrust.crt
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) ws://localhost:8080/$1 [P,L]
ProxyRequests Off
ProxyPass /socket.io http://localhost:8080/socket.io
ProxyPassReverse /socket.io http://localhost:8080/socket.io
On the client side, I open my socket.io connections with the following code:
var socket = io.connect('https://'+hostname, {secure:true});
From a user point of view, everything is working fine, except that I have tons of error messages in my Apache log:
[ssl:error] [pid 15080] [remote 127.0.0.1:443] AH01961: SSL Proxy requested for www.mysite.com:443 but not enabled [Hint: SSLProxyEngine]
[proxy:error] [pid 15080] AH00961: HTTPS: failed to enable ssl support for 127.0.0.1:443 (www.mysite.com)
I realize that I'm not using the "SSLProxyEngine on" option, but it's on purpose. If I set it on, nothing is working any more.
What I just want to do is redirect requests made to Apache via SSL port 443, to my non-SSL socket.io on port 8080 (same host). This port 8080 is closed to external connections and I would like not to required to use SSL between Apache and nodejs, if it is possible, and to get rid of all these useless error message.
Can someone help me, please? ;)
Upvotes: 0
Views: 1321
Answers (2)
Reputation: 89
var proxy = require('http-proxy').createProxyServer();
var fs = require('fs');
express = require('express.io');
app = express();
var SSloptions = {
key: fs.readFileSync('/var/www/node/certificados/mig.xxx.key'),
cert: fs.readFileSync('/var/www/node/certificados/xxxx.crt'),
ca: [
fs.readFileSync('/var/www/node/certificados/gd_bundle-xxxx.crt')
],
rejectUnauthorized: false,
requestCert: true,
agent: false,
strictSSL: false
};
app.https(SSloptions).io();
app.all('*', function(req, res){
proxy.web(req, res, {
target: 'https://localhost:4443',
secure: true
});
});
app.listen(14443);
Upvotes: 1
Reputation: 336
As found here Websocket apache proxy issues with ssl
you must edit apache site.conf on
SSLUseStapling on
ProxyRequests Off
ProxyPreserveHost on
ProxyPass /socket.io http://localhost:8080/socket.io
ProxyPassReverse /socket.io http://localhost:8080/socket.io
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
RequestHeader set Front-End-Https "On"
Upvotes: 1
Related Questions
- Running Socket.io over Apache Reverse Proxy
- How to connect to socket io via ssl, serving files by apache2
- Socket.io with connection on node server with HTTPS and NGINX
- How to connect socket.io through a reverse proxy
- How to make Socket IO work over HTTPS using node.js
- Socket.io with apache
- node.js and socket.io with SSL
- How to connect to Node socket.io-server from Node socket.io-client **with HTTPS**
- node.js, socket.io and SSL
- Serving socket.io through SSL