Spreed WebRTC, websocket connection to wss://sub.domaine.com/ws failed

Question

Hello,I followed a tutorial to install spreed-webrtc-snap on VPS linux 18.04https://www.fosslinux.com/45051/how-to-install-spreed-webrtc-server-on-ubuntu.htm This tutorial did not really treat the HTTPS part. I have a subdomain, with a valid let’s encrypt certificate. Spreed WebRTC running on 8443 port, and coturn server on 8444 port. Here is the vhost config file ServerName sub.domain.com SSLEngine on SSLStrictSNIVHostCheck Off SSLProxyEngine On SSLProxyCheckPeerCN Off SSLProxyCheckPeerName Off SSLProxyVerify none ProxyPass https://127.0.0.1:8443/ ProxyPassReverse https://127.0.0.1:8443/ ProxyPass wss://127.0.0.1:8443/ ProxyVia On ProxyPreserveHost On #RequestHeader set X-Forwarded-Proto 'https' env=HTTPS SSLCertificateFile /etc/letsencrypt/live/sub.domain.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/sub.domain.com/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf After I made some modifications; here is the result: 1) Accessing by web address when I enter https://sub.domain.com , the UI loads (not completely), because of this error that displays in browser console. websocket connection to wss://sub.domaine.com/ws failed 2) Accessing by ip address When I enter IP as https://ip_address:8443, there is two cases;a) Kaspersky running Kaspersky prompts me if I want to continue to the dangerous website (this is normal cause there is no certificate for ip address), I click yes. Kaspersky generates its own certificate (I guess), then, the UI loads completely and the spreed webrtc works really great, I was able to make video call between 2 computers.b) Kaspersky not running This time, it’s the web browser that asks me if I want to continue to dangerous site, when I click yes, the UI do not load completely and I receive the same error on console when I access by web address websocket connection to wss://ip_address:8443/ws failed The goal is that webrtc runs when accessing it by web address, I do not understand the problem. Any help?Thanks.

KFSys · Answer

Heya,

I don’t know the exact issue but here are some suggestions on how to resolve it.

1. Ensure WebSocket Proxying

The Apache proxy is properly configured to handle WebSocket connections. You have already made the configurations for that, but you might need to verify if those are working correctly.

2. Secure WebSocket Connections

When accessing via domain name, the WebSocket connection must be secure (wss://) since your site is served over HTTPS.

3. Debugging

When troubleshooting, consider reviewing Apache error logs and access logs which might give you more insights about what’s going wrong.

You can access Apache logs generally at:

/var/log/apache2/error.log
/var/log/apache2/access.log

4. WebRTC Configuration

Check if Spreed WebRTC has configurations related to WebSockets and domains and ensure that those are correctly set to your domain.

Additional Recommendations:

SSL Configuration:

You might need to modify the SSL Proxy configurations in your Apache config:

<Location />
    ProxyPass https://127.0.0.1:8443/
    ProxyPassReverse https://127.0.0.1:8443/
    ProxyPassReverseCookieDomain 127.0.0.1 sub.domain.com
</Location>

<Location /ws>
   ProxyPass wss://127.0.0.1:8443/ws
</Location>

WebSocket Proxy Module:

Make sure that you have the necessary Apache WebSocket proxy module enabled:

sudo a2enmod proxy_wstunnel
sudo systemctl restart apache2

Recap:

Verify WebSocket Proxying in Apache.
Secure WebSocket Connections with wss:// when accessed over HTTPS.
Check WebRTC configurations for WebSocket and Domain-related settings.
Review Apache error and access logs for troubleshooting.
Ensure the proper Apache modules are enabled, and SSL configurations are set correctly.

After performing these steps, try accessing your service again via the subdomain and inspect the console for any errors. If you still encounter issues, the specific errors in your logs or console will be crucial for further troubleshooting.