Question

Having trouble getting a web application that uses websockets to work after setting up the HTTPS Apache reverse proxy to Tomcat

Posted March 4, 2017 4.8k views
ApacheSecurityUbuntu 16.04

I have a web application that uses a WebSocket connection.
I set up a Ubuntu droplet and configured Apache and Tomcat.
My application was working fine until I tried to setup SSL.
I followed the instructions to get an SSL certificate, and followed the instructions in the following post to set up the Reverse Proxy with Apache:
How To Encrypt Tomcat 8 Connections with Apache or Nginx on Ubuntu 16.04
Now, SSL works fine, but it complains that you can not start a ws:// from an HTTPS connection.
So I tried changing the call from ws:// to wss://, but the WebSocket will not connect, because it can’t properly upgrade the protocol from https to wss.

I am relatively new to the unix world, and am not familiar with all of the Apache and Tomcat configuration parameters.
Can someone please let me know exactly what I need to configure to get Apache to properly proxy the wss to Tomcat, and/or what Tomcat configurations I need to make to get a secure websocket working with this Reverse Proxy setup?

1 comment
  • @paulge8
    I’m just leaving a comment, since I don’t know the exact configuration of Apache, but in Nginx you would add the following to the location:

    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_http_version 1.1;
    

    From what I remember in Apache, you need to enable the module mod_proxy_wstunnel
    https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html

    If it still doesn’t work, then please add error logs from Apache and what error the browser console states.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

This question was answered by @hansen:

@paulge8
I’m just leaving a comment, since I don’t know the exact configuration of Apache, but in Nginx you would add the following to the location:

proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;

From what I remember in Apache, you need to enable the module mod_proxy_wstunnel
https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html

If it still doesn’t work, then please add error logs from Apache and what error the browser console states.

View the original comment

Submit an Answer