Keep Server Online
If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.
or
A donation makes a contribution towards the costs, the time and effort that's going in this site and building.
Thank You! Steffen
Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
| |
|
 Topic: Apache WSS Secure WebSocket |
|
| Author |
|
jArden
Joined: 13 Jul 2015
Posts: 3
Location: Greece,Athens
|
 Posted: Mon 13 Jul '15 16:57 Post subject: Apache WSS Secure WebSocket |
 |
|
Hello,
I made a WebSocket service in Apache under CentOs with PHP and JS that works great if the protocol is ws:// . The problem is that the site is served through https:// so I must use wss protocol (cause mixed content policy). I have tried many approaches to make it work and any idea would really help.
First I tried to bind the socket of the WS (WebSocket) Server to 443 , but I got permission denied. The next thing was trying to alternate httpd.conf through include file to make every communication made in this server IP though a certain port e.g. 9100 to use a certain crt key and cabundle files. I made it copying the VirtualHost entry for the domain when it uses https , port 443 . But I am stack , I cant find a way to make Apache treat the communication to a certain IP and port (for a single domain or not) with the same ssl encode and decode files as the one used in the domain https 443 port.
Any idea in the way I am searching it , or in an alternate way would be great. Thank you in advance |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg
|
| Posted: Wed 15 Jul '15 14:18 Post subject: |
|
|
reverse proxy on the whole thing or reverse proxy for some paths where you need that. Then the browser will only see https://
Maybe you need the combination with mod_proxy_html to rewrite so stuff in the html |
|
| Back to top |
|
jArden
Joined: 13 Jul 2015
Posts: 3
Location: Greece,Athens
|
| Posted: Wed 15 Jul '15 14:54 Post subject: |
|
|
Hello James ,
I am not Apache expert and it is the first time i am disappointed about Apache . I thought that it should be something rather simple , to make a server use certain ssl credentials when a certain port is used. But it isn't. I have rewrite all the core of the application (the inner framework) to make PHP decode and encode the communication with a pem file (crt+key). Although I got it work I strongly feel that this something the web server should do and not a language.
Thank you for your response I made a lot of tests with mod_proxy_wstunnel and certain reverse proxy techniques , but those are suited in old systems in my opinion , because the server burden is even greater than using PHP (the C modules that runs in back) to encode and decode the SSL communication. |
|
| Back to top |
|
James Blond
Moderator
Joined: 19 Jan 2006
Posts: 7373
Location: Germany, Next to Hamburg
|
| Posted: Wed 15 Jul '15 18:14 Post subject: |
|
|
Server burden? For sure we can help you with with that config. So you really need ssl for ws:// ?
Why not
User <-- HTTPS -->apache_with_vhost<-- http + ws -->backend server
in that case apache will handle all the SSL stuff easy. |
|
| Back to top |
|
|
|
|
|
|
