Gayan
Reputation: 1553
Proxy Websocket on HTTPS from the root - HAProxy
I have an aws ELB, behind the ELB I have a HAProxy.
Here is the proxy config file.
cat /etc/haproxy/haproxy.cfg
frontend http-traffic
bind *:80
acl is_websocket hdr(Upgrade) -i WebSocket
redirect scheme https if is_websocket
use_backend websocket if is_websocket
default_backend tomcat
frontend https-traffic
bind *:443 ssl crt /etc/ssl/private/gayan.pem
reqadd X-Forwarded-Proto:\ https
acl is_websocket hdr(Upgrade) -i WebSocket
use_backend websocket if is_websocket
default_backend tomcat
backend tomcat
reqirep ^([^\ :]*)\ /(.*) \1\ /ImageServlet\2
server tc 172.20.135.97:8080
backend websocket
reqirep ^Host:\ .* Host:\ demos.kaazing.com/echo
server ws demos.kaazing.com:443/echo ssl verify none
What am I trying to do is, wss://<ELB_A_RECORD> and it should be proxying to demos.kaazing.com/echo websocket.
But I'm getting 403 error.
Am I doing anything wrong?
Upvotes: 0
Views: 2396
Answers (1)
Michael - sqlbot
Reputation: 179004
This almost certainly results in an incorrect HTTP request:
reqirep ^Host:\ .* Host:\ demos.kaazing.com/echo
The Host header is only the host header, not header and path. The error message should have been 400 Bad Request since this would have resulted in a malformed request.
Try removing that line, and adding these:
http-request set-header Host demos.kaazing.com
http-request set-path /echo
Upvotes: 1
Related Questions
- NGINX to reverse proxy websockets AND enable SSL (wss://)?
- WebSocket through SSL with Apache reverse proxy
- WebSocket with SSL
- How to configure nginx reverse proxy to use SECURE websockets upstream?
- Secure WebSocket Proxy for Unsecured WebSocket Server
- HAProxy + WebSocket Disconnection
- Apache websocket setup
- Apache mod_proxy: forward secure websocket to non-secure
- Cannot bind socket [0.0.0.0:443] for HAproxy
- apache websockets reverse proxy