I'm trying to setup my SocketCluster app to use SSL. I'm able to get it working on nginx without ssl but not with it. When ever I visit the site in the browser I get the nginx welcome page. If i visit port 8000 in the browser I'm able to see socket cluster but not if using the https protocol.
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
server_name 104.xxx.54.xxx;
access_log /var/log/nginx/nginx.vhost.access.log;
error_log /var/log/nginx/nginx.vhost.error.log;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass https://localhost:8000;
proxy_redirect off;
}
}
var argv = require('minimist')(process.argv.slice(2));
var SocketCluster = require('socketcluster').SocketCluster;
require('dotenv').config();
var socketCluster = new SocketCluster({
workers: Number(argv.w) || 3,
brokers: Number(argv.b) || 1,
port: Number(argv.p) || 8000,
path: '/socket',
appName: '...',
workerController: __dirname + '/worker.js',
brokerController: __dirname + '/broker.js',
socketChannelLimit: 1000,
crashWorkerOnError: argv['auto-reboot'] != false,
rejectUnauthorized: false,
secure: true
});
You appear to be terminating SSL in the reverse-proxy. Your service listening on port 8000 is non-SSL. So your proxy-pass should use HTTP for the upstream connection and not HTTPS. Try:
proxy_pass http://localhost:8000;
You may want to add an X-Forwarded-Proto header:
proxy_set_header X-Forwarded-Proto $scheme;