I use Ratchet websocket on my server. It is working well without SSL but i need to make it work with SSL.
I've read this stackoverflow post. Unfortunately the support of my PAAS don't use httpd.conf. They advised me to add the ProxyPass straight in the .htaccess.
Regarding adding the following line in httpd.conf file then here I would like to inform that we are not using httpd on the server as server is Debian based and we are using Apache web server. I believe you can use the same line in htaccess file or it would be better if you can consult with the developer regarding this.
# ProxyPass for Ratchet with SSL
ProxyPass /wss2/ ws://127.198.132.141:8000/
# Preventing the app from being indexed
Header set X-Robots-Tag "noindex, nofollow"
# Use the front controller as index file. It serves as a fallback solution when
# every other rewrite/redirect fails (e.g. in an aliased environment without
# mod_rewrite). Additionally, this reduces the matching process for the
# start page (path "/") because otherwise Apache will apply the rewriting rules
# to each configured DirectoryIndex file (e.g. index.php, index.html, index.pl).
DirectoryIndex app.php
# By default, Apache does not evaluate symbolic links if you did not enable this
# feature in your server configuration. Uncomment the following line if you
# install assets as symlinks or if you experience problems related to symlinks
# when compiling LESS/Sass/CoffeScript assets.
# Options FollowSymlinks
# Disabling MultiViews prevents unwanted negotiation, e.g. "/app" should not resolve
# to the front controller "/app.php" but be rewritten to "/app.php/app".
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
<IfModule mod_rewrite.c>
RewriteEngine On
[...]
Unfortunately Adding ProxyPass /wss2/ ws://127.198.132.141:8000/ is crashing the server as if the .htaccess was incorrect.
Do you have any solutions or hints?
UPDATE :
From what i understand we can't use ProxyPass in .htaccess it should be only used in the server configuration or virtual host configuration.
I tried to explain it to the support but they do not seem to understand.
So apparently it is forbidden to use ProxyPass in .htaccess.
"ProxyPass and ProxyPassReverse are available only in the server config and virtual host contexts."
Therefore if you can't add this line in the server config, could it be added in the virtual host contexts?
Their answer :
As I have again reviewed all the settings on the server level which includes the Apache modules and Firewall rules to make the Ratchet websockets able to run on the server also the rules which we have added in Firewall indicates that all the traffic from outside is allowed on the port 8000 and I believe which should be sufficient to allow outside connections for websocket.
As of now, it seems like you are trying to make the connection using the different port (in case of https). As we have reviewed the server settings and configurations and all seems to be good.
It would be highly appreciated if you can involves the developer in this process so he can guide you better as he know the code level things much better.
Right now attempting to connect with wss will throw :
WebSocket connection to 'wss://127.198.132.141/wss2/' failed: WebSocket opening handshake was canceled
While using http with ws is working well.
In your virtual host add :
ProxyPass /wss2/ ws://yourdomain.xxx:8888/
(try with port 8888)
do not forget to restart apache service
virtual host example:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/html
<Directory /var/www/html/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<IfModule mod_dir.c>
DirectoryIndex index.php index.pl index.cgi index.html index.xhtml index.htm
</IfModule>
SSLCertificateFile /etc/letsencrypt/live/yourdomain.xxx/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yourdomain.xxx/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
ServerName yourdomain.xxx
ProxyPass /wss2/ ws://yourdomain.xxx:8888/
</VirtualHost>
</IfModule>
Here you can find a full working example https://github.com/ratchetphp/Ratchet/issues/100