Upgrading php-7.3 from php 8.2 on rocky-8.7 but WebSocket connection is not working
Before Upgrade: when WebSocket connection working fine
Rocky: 8.7
PHP: 7.3.33
Laravel: 8.83
beyondcode/laravel-websockets: 1.13.1
pusher/pusher-php-server: 4.1.5
After Upgrade:
Rocky: 8.7
PHP: 8.2.1
Laravel: 9.x
beyondcode/laravel-websockets: 1.13.1
pusher/pusher-php-server: 7.2.1 -> pre-supported version by Laravel 9 (this is installed by dependencies not added in composer.json )
Package.json
pusher-js: 7.0.3
Pusher Connection:
pusher = new Pusher(process.env.MIX_PUSHER_APP_KEY, {
cluster: process.env.MIX_PUSHER_APP_CLUSTER,
encrypted: false,
wsHost: window.location.hostname,
// comment for use port 443
// wsPort: 6001,
// wssPort:6001,
enabledTransports: ["ws", "wss"],
forceTLS: true,
});
httpd: ssl.conf file
<IfModule mod_proxy.c>
ProxyRequests On
SSLProxyEngine On
# Ensure WebSocket protocol is forwarded correctly
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^Websocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule /app/(.*) wss://%{HTTP:HOST}:6001/app/$1 [P]
</IfModule>
WebSocket request:
URL: wss://test.com/app/ABCDEFGHIJL?protocol=7&client=js&version=7.0.3&flash=false
Message: WebSocket is closed before the connection is established.
When WebSocket request is sent from the browser using port 443 requests is stuck.
Help me in what I'm missing with rocky os
Same settings in Cento OS working fine with php-8.2.1 & Laravel 9
Related
after looking for an answer 2 weeks along, going deep into the docker compose and docker networks documentations, I'd like to ask for some help right here.
I am creating two Web API services, let's called them a back API (back.api.dev) and a front API (front.api.dev).
What I tried so far :
The back API is connected to a MySQL database, and the front API only sends cURL requests to the back API. Both APIs are built upon Symfony and are processed by a docker PHP-FPM container. Everything is served by a docker Apache 2.4 container.
Sending requests through Postman and cURL requests to back.api.dev & front.api.dev are both working great. It works both from my host, but also from the Apache container. I also added 127.0.0.1 back.api.dev and 127.0.0.1 front.api.dev to my /etc/hosts host machine file. The back API is well connected to the database as well.
But when I send a request to a specific front API route which runs a cURL request to the back API using GuzzleHTTP client and send the answer back to the user, I get a cURL error 7: Failed to connect to back.api.dev port 80: Connection refused (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for http://back.api.dev/api/videos/
I also tried to send cURL requests from the CLI inside the front_api container but the result is the same. I also tried to send it directly to the port 9000 handled by php-fpm but I get a cURL error 56: Recv failure: Connection reset by peer error.
Here's the docker-compose.yml file :
version: "3.8"
networks:
my_api_network:
driver: bridge
# external:
# name: my_api_network_default
services:
apache:
container_name: 'api_apache'
image: bitnami/apache:latest
ports:
- 8080:8080
# - 8443:8443
volumes:
- ./docker/apache/vhosts/back-api-dev.conf:/vhosts/back-api-dev.conf:ro
- ./docker/apache/vhosts/front-api-dev.conf:/vhosts/front-api-dev.conf:ro
volumes_from:
- php_backend_api
- php_frontend_api
depends_on:
- php_backend_api
- php_frontend_api
networks:
- my_api_network
php_backend_api:
hostname: 'back.api.dev'
container_name: 'php_backend_api'
build:
context: docker/php7-fpm
network: host
args:
TIMEZONE: 'UTC'
volumes:
- ./docker/php7-fpm/php.ini:/usr/local/etc/php/php.ini:ro
- ./back_api/:/var/www/back_api:cached
- ./back_api/vendor:/var/www/back_api/vendor:delegated
- /var/www/back_api/var/
networks:
- my_api_network
php_frontend_api:
hostname: 'front.api.dev'
container_name: 'php_frontend_api'
build:
context: docker/php7-fpm
network: host
args:
TIMEZONE: 'UTC'
volumes:
- ./docker/php7-fpm/php.ini:/usr/local/etc/php/php.ini:ro
- ./front_api/:/var/www/front_api:cached
- ./front_api/vendor:/var/www/front_api/vendor:delegated
- /var/www/front_api/var/
networks:
- my_api_network
db:
container_name: 'mysql_db'
image: mysql:5.7
restart: always
volumes:
- ./docker/data/mysql:/var/lib/mysql:delegated
- ./docker/mysql:/etc/mysql/conf.d:ro
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
TZ: ${TIMEZONE}
command: --sql_mode="STRICT_ALL_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER" --default-authentication-plugin=mysql_native_password
ports:
- 3306:3306
networks:
- my_api_network
Here is my back API Apache Virtualhost :
<VirtualHost *:8080>
ServerName back.api.dev
DocumentRoot "/var/www/back_api/public"
ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://php_backend_api:9000/var/www/back_api/public/$1
<Directory "/var/www/back_api/public">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
DirectoryIndex index.php
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [QSA,L]
</IfModule>
</Directory>
LogLevel debug
# LogLevel warn
# LogLevel notice
ErrorLog /opt/bitnami/apache2/logs/error-back.log
CustomLog /opt/bitnami/apache2/logs/access-back.log combined
</VirtualHost>
My guess is that Apache is not enough configured to forward incoming curl requests to the php-fpm instance. I looked after Docker networks, aliases, drivers, extra_hosts but nothing has helped so far to fix this issue.
Thank you for your help.
I'm thinking that there's no url http://back.api.dev/api/videos/ from the front end.
maybe it needs a host entry in the front end like you've done on your host box.
sorry I don't have enough points to put this in as a suggestion comment rather than an answer.
I have a website (ZF1) and an API (Laravel) running on the same Docker (Laradock) container. I can access each separately through a browser, but when I make a cURL request from the website to the application, I get a null response and the header returns 0. If I output the cURL errors, then I get this:
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, '[API_ENDPOINT]');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);
curl_close ($ch);
echo curl_strerror(curl_errno($ch));
(7) Failed to connect to [API_HOST] port 80: Connection refused
However, if I make a cURL request to https://www.google.com from the application, then it returns a result. I also tried using file_get_contents(), but I received no response and the following warning:
[Thu May 18 21:41:33.828737 2017] [proxy_fcgi:error] [pid 949:tid 139999802541824] [client 172.20.0.1:49652] AH01071: Got error 'PHP message: PHP Warning: file_get_contents
([API_ENDPOINT]): failed to open stream: Connection refused in /var/www/projects/[APPLICATION_PATH]/[CONTROLLER].php on line 2367\n', referer: [WEBSITE_HOST]/[URI]
I also SSHed into the Apache2 container and was able to make a successful cURL call to the API_ENDPOINT and get the expected data back. I then tried using wget to get the header info and received the following:
root#cd3a4177dcfa:/var/log/apache2# wget --header="Host: http://subdomain.example.dev/api/calendarevents" -Os http://localhost
--2017-05-19 07:28:15-- http://localhost/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.
--2017-05-19 07:28:16-- (try: 2) http://localhost/
Connecting to localhost (localhost)|::1|:80... connected.
HTTP request sent, awaiting response... No data received.
Retrying.
In case it is an Apache2 issue, here is my API VirtualHost:
Listen 80
<VirtualHost *:80>
ServerName subdomain.example.dev
DocumentRoot /var/www/projects/[API_PROJECT]/public/
CustomLog /var/log/apache2/[API_HOST]-access.log combined
ErrorLog /var/log/apache2/[API_HOST]-error.log
Options Indexes FollowSymLinks
<Directory "/var/www/projects/[API_PROJECT]/public/">
Options FollowSymLinks
AllowOverride All
Require all Granted
</Directory>
# set environment
#SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled
#CGIPassAuth on // Sites stopped loading when enabled
</VirtualHost>
And Website VirtualHost:
Listen 80
<VirtualHost *:80>
ServerName [WEBSITE_HOST]
DocumentRoot /var/www/projects/[WEBSITE_PROJECT]
ErrorLog /var/log/apache2/[WEBSITE_HOST]-error.log
Options Indexes FollowSymLinks
<Directory "/var/www/projects/[WEBSITE_PROJECT]/repo">
Options FollowSymLinks
AllowOverride All
Require all Granted
</Directory>
# set environment
SetEnv APPLICATION_ENV development
SetEnv APPLICATION_LOGGING false
#SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 // Did not notice a difference in behavior when enabled
#CGIPassAuth on // Sites stopped loading when enabled
</VirtualHost>
This is the Docker info (Windows 10/Hyper V/Docker Version 17.03.1-ce-win12 (12058) Channel: stable)
Containers: 9
Running: 5
Paused: 0
Stopped: 4
Images: 233
Server Version: 17.03.1-ce
Storage Driver: overlay2
Backing Filesystem: extfs
Supports d_type: true
Native Overlay Diff: true
Logging Driver: json-file
Cgroup Driver: cgroupfs
Plugins:
Volume: local
Network: bridge host ipvlan macvlan null overlay
Swarm: inactive
Runtimes: runc
Default Runtime: runc
Init Binary: docker-init
containerd version: 4ab9917febca54791c5f071a9d1f404867857fcc
runc version: 54296cf40ad8143b62dbcaa1d90e520a2136ddfe
init version: 949e6fa
Security Options:
seccomp
Profile: default
Kernel Version: 4.9.27-moby
Operating System: Alpine Linux v3.5
OSType: linux
Architecture: x86_64
CPUs: 2
Total Memory: 3.837 GiB
Name: moby
ID: PE42:IS45:4OO6:JMEQ:NWNB:NQDF:RPEL:JPHJ:L6OP:A5SL:IDP3:F7SV
Docker Root Dir: /var/lib/docker
Debug Mode (client): false
Debug Mode (server): true
File Descriptors: 86
Goroutines: 74
System Time: 2017-05-19T04:52:50.5943959Z
EventsListeners: 0
Registry: https://index.docker.io/v1/
Experimental: true
Insecure Registries:
127.0.0.0/8
Live Restore Enabled: false
And these are the containers that I am currently running:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
cd3a4177dcfa laradock_apache2 "/opt/docker/bin/e..." 8 hours ago Up 8 hours 0.0.0.0:80->80/tcp, 0.0.0.0:443->443/tcp laradock_apache2_1
8ef66cb80a2e laradock_php-fpm "docker-php-entryp..." 8 hours ago Up 8 hours 9000/tcp laradock_php-fpm_1
988eff458036 laradock_workspace "/sbin/my_init" 8 hours ago Up 8 hours 0.0.0.0:2222->22/tcp laradock_workspace_1
8be5253e8622 laradock_redis "docker-entrypoint..." 8 hours ago Up 8 hours 0.0.0.0:6379->6379/tcp laradock_redis_1
aa6d8d6ae950 laradock_mysql "docker-entrypoint..." 8 hours ago Up 8 hours 0.0.0.0:3306->3306/tcp laradock_mysql_1
I am not sure what is causing the connection to be refused between the two sites on the same container. I checked my php.ini and both curl and allow_url_fopen = on were enabled. I am able access the API_ENDPOINT directly through both browser and CLI cURL and get the expected results. My best guesses at this point are some sort of port conflict, an authorization header being blocked, Apache2 configuration, or some sort of odd Docker/Laradock issue. I also thought it might of been a conflict between Apache2 and PHP-FPM, but the solutions detailed here didn't seem to work for me.
Thank you in advanced for any assistance that you can provide.
Instead of adding to extra_hosts of the php-fpm container.
Modify the Apache2 container's Backend network definition and add an alias.
this was you dont have to keep changing the extra_hosts everytime the ip changes
networks:
frontend:
backend:
aliases:
- subdomain.example.app
I figured out what was causing my issue. I needed to add an extra-host to the PHP-FPM section of my docker-compose.yml file. So add:
- "subdomain.example.app:10.0.75.1"
To extra-hosts. Then you need to rebuild your containers:
docker-compose up -d --build apache2 mysql redis
And this is what the PHP-FPM section of your docker-compose.yml for Laradock should look like:
php-fpm:
build:
context: ./php-fpm
args:
- INSTALL_XDEBUG=${PHP_FPM_INSTALL_XDEBUG}
- INSTALL_BLACKFIRE=${INSTALL_BLACKFIRE}
- INSTALL_SOAP=${PHP_FPM_INSTALL_SOAP}
- INSTALL_MONGO=${PHP_FPM_INSTALL_MONGO}
- INSTALL_ZIP_ARCHIVE=${PHP_FPM_INSTALL_ZIP_ARCHIVE}
- INSTALL_BCMATH=${PHP_FPM_INSTALL_BCMATH}
- INSTALL_PHPREDIS=${PHP_FPM_INSTALL_PHPREDIS}
- INSTALL_MEMCACHED=${PHP_FPM_INSTALL_MEMCACHED}
- INSTALL_OPCACHE=${PHP_FPM_INSTALL_OPCACHE}
- INSTALL_EXIF=${PHP_FPM_INSTALL_EXIF}
- INSTALL_AEROSPIKE_EXTENSION=${PHP_FPM_INSTALL_AEROSPIKE_EXTENSION}
- INSTALL_MYSQLI=true
- INSTALL_TOKENIZER=${PHP_FPM_INSTALL_TOKENIZER}
- INSTALL_INTL=${PHP_FPM_INSTALL_INTL}
- INSTALL_GHOSTSCRIPT=${PHP_FPM_INSTALL_GHOSTSCRIPT}
dockerfile: "Dockerfile-${PHP_VERSION}"
volumes_from:
- applications
volumes:
- ./php-fpm/php${PHP_VERSION}.ini:/usr/local/etc/php/php.ini
expose:
- "9000"
depends_on:
- workspace
extra_hosts:
- "dockerhost:${DOCKER_HOST_IP}"
- "subdomain.example.app:10.0.75.1"
environment:
- PHP_IDE_CONFIG=${PHP_IDE_CONFIG}
networks:
- backend
I have a php application based on codeigniter, and I have a database that is located on remote host with required database installed, setup proper mysql permissions and with mysql port open for remote connections, however, when I run the application it doesn't work and it returns 500 error code.
When I troubleshoot the problem, it gives below error
Message: mysqli::real_connect(): (HY000/2003): Can't connect to MySQL server on '192.168.6.13' (13)
what I have tried so far:
1) make sure all permissions are set correctly.
2) make sure no network related issues are existed such as blocked ports/hosts
3) make sure mysqli is installed and enabled.
4) created a connection test php script and ran it from the command line and it works just fine.
5) the fun part was when I ran the application from command line and it worked correctly as root user and as apache user as su -s /bin/sh apache -c "php index.php".
parameters I have:
1) php version is PHP 5.4.16
2) OS version: CentOS Linux release 7.2.1511 (Core) on both web and DB
3) web server version Apache/2.4.6 (CentOS)
4) mysql Ver 14.14
5) I run my app under ssl, and below is my configurations
<VirtualHost *:443>
#### Gloabl config
DocumentRoot /var/www/bein
DirectoryIndex index.php
ServerName beinmob.com
ServerAlias www.beinmob.com
#### change basic URL to /index.php/POS_Admin/Session
RewriteEngine on
RewriteRule ^/?$ index.php/POS_Admin/Session [R]
#### change url to alias for web services
Alias /web-services /var/www/bein/index.php
Alias /POS_Admin /var/www/bein/
#### Basic Authentication for /web-services url
<Location /POS_Admin>
RewriteEngine on
# Hide the application and system directories by redirecting the request to index.php
RewriteBase /index.php
RewriteRule ^(application|system|\.svn) index.php/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [QSA,L]
</Location>
<Location /web-services>
AuthName bein
AuthType Basic
AuthUserFile /etc/httpd/conf.d/beinServicePass
Require valid-user
</Location>
#### SSL configuration
SSLEngine on
SSLCertificateFile /etc/httpd/cert/certs/www_beinmob_com.crt
SSLCertificateKeyFile /etc/httpd/cert/certs/www_beinmob_com.key
SSLCertificateChainFile /etc/httpd/cert/certs/DigiCertCA.crt
</VirtualHost>
Check this it should solve your problem .
Update because the link may become dead if that page moves or is deleted
Login as root and do
setsebool -P httpd_can_network_connect=1
You have to checkout, if you can access to the myslq server from the terminal :
mysql -u youruser -h 192.168.0.3 -p
and see if you can login
It seems that you haven't got a connection, and it's not a problem with apache.
mysql server serve by default the port : 3306
and apache 80 http, 443 https (for example. Some application like ispconfig run on 8080 and several application servers tomcat 81... ...)
But it seems not to be your case
Make Privileges for Your Database .
enter any username
host must be %
and enter any password
after that use this privileges in your db config file .. sure you will get a access to your remote host db
I have a Homestead installation running with Behat to test my Laravel project. I am running into some problems when using the #javasccript tag to run my tasks as Selenium.
I have downloaded Selenium standalone server on my Windows host machine. Its version is 2.42.2
In my behat.yml i have got the following configuration:
default:
extensions:
Behat\MinkExtension:
base_url: http://my.app:8000/
sessions:
default_session:
goutte: ~
selenium_session:
selenium2:
wd_host: http://x.x.x.x:4444/wd/hub/static/resource/hub.html
suites:
functional:
paths: [ %paths.base%/features/functional ]
contexts: [ LaravelFeatureContext ]
However when I run my scenarios I get the following error:
Given I am on the "/users/create" page #
LaravelFeatureContext::iAmOnThePage()
Could not open connection: Curl error thrown for http POST to http://x.x.x.x:4444/wd/hub/static/resource/hub.html/session with
params: {"desiredCapabilities":{"tags":["homestead","PHP
5.6.0-1+deb.sury.org~trusty+1"],"browserName":"firefox","version":"21","platform":"ANY","browserVersion":"9","browser":"firefox","ignoreZoomSetting":"false","name":"Behat
feature suite","deviceOrientation":"portrait","deviceType":"tablet"}}
Failed to connect to 127.0.0.1 port 4444: Connection refused (Behat\Mink\Exception\DriverException)
When i go to http://x.x.x.x:4444/wd/hub/static/resource/hub.html I see that the selenium hub is up and running.
Could the issue here be that I am running Behat from the homestad terminal through SSH and that does not resolve to the IP address of the hub? Because the ip address of the host is localhost
How can I solve this?
I figured out the answer myself.
In behat.yml i had to change the config of wd_hub to http://192.168.178.26:4444/wd/hub and then it works.
I have a ratchet chat server file
use Ratchet\Server\IoServer;
use Ratchet\WebSocket\WsServer;
use MyAppChat\Chat;
require dirname(__DIR__) . '/vendor/autoload.php';
$server = IoServer::factory(
new WsServer(
new Chat()
)
, 26666
);
$server->run();
I using Websocket to connect with ws and it works fine
if ("WebSocket" in window) {
var ws = new WebSocket("ws://ratchet.mydomain.org:8888");
ws.onopen = function() {
// Web Socket is connected. You can send data by send() method.
ws.send("message to send");
};
ws.onmessage = function (evt) {
var received_msg = evt.data;
};
ws.onclose = function() {
// websocket is closed.
};
} else {
// the browser doesn't support WebSocket.
}
I want secure connection, so I try to connect with SSL but is not work.
if ("WebSocket" in window) {
var ws = new WebSocket("wss://ratchet.mydomain.org:8888");
ws.onopen = function() {
// Web Socket is connected. You can send data by send() method.
ws.send("message to send");
};
ws.onmessage = function (evt) {
var received_msg = evt.data;
};
ws.onclose = function() {
// websocket is closed.
};
} else {
// the browser doesn't support WebSocket.
}
My question is how to connect websocket with SSL connection
Any idea?
If you are using Apache web server (2.4 or above), enable these modules in httpd.conf file :
mod_proxy.so
mod_proxy_wstunnel.so
Add this setting to your httpd.conf file
ProxyPass /wss2/ ws://ratchet.mydomain.org:8888/
Use this URL in your JavaScript call when you want a WSS connection:
var ws = new WebSocket("wss://ratchet.mydomain.org/wss2/NNN");
Restart Apache web server and make sure that your Ratchet worker (web socket connection) is open before applying the settings (telnet hostname port).
A few days ago I was looking for the answer of this question and I found this in the Github Ratchet issues: https://github.com/ratchetphp/Ratchet/issues/489
The last answer, answered by heidji, says this:
I only added this comment for newbies like me who need a quick instruction how to implement SSL:
Via the ReactPHP docs you only need to construct the SecureServer mentioned in such manner:
$webSock = new React\Socket\Server('0.0.0.0:8443', $loop);$webSock = new React\Socket\SecureServer($webSock, $loop, ['local_cert' => '/etc/ssl/key.pem', 'allow_self_signed' => true, 'verify_peer' => false]);
and then inject into the IoServer as mentioned by cboden above
So it seems that now there is a way to implement a secure websocket server with Ratchet without needing an HTTPS proxy.
Here you have the SecureServer class documentation: https://github.com/reactphp/socket#secureserver
The problem is that React (which Ratchet is built on) does not support direct SSL connections. See this issue.
There is a simple workaround. Use stunnel with a config like:
[websockets]
accept = 8443
connect = 8888
Stunnel will handle SSL traffic on port 8443 and port them to your websocket server.
I found this answer on Ratchet's google group by Chris Boden:
The best solution would be to use Nginx as your web server. Have Nginx
listen on port 80 for incoming connections and have it handle your
SSL. Nginx will forward incoming connections to PHP-FPM for your
regular website and if it detects a connection is a WebSocket
connection have it proxy to your running Ratchet application on a port
of your choice. Your javascript could then connect via
wss://mydomain.org
This is an alternative way to using stunnel if your application is going to be served using nginx.
If you're using Nginx, just write this in your SSL server block:
location /services/myservice {
# switch off logging
access_log off;
# redirect all HTTP traffic to localhost
proxy_pass http://localhost:1234;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# WebSocket support (nginx 1.4)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Path rewriting
rewrite /services/myservice/(.*) /$1 break;
proxy_redirect off;
# timeout extension, possibly keep this short if using a ping strategy
proxy_read_timeout 99999s;
}
This will upgrade any wss://yoursite.com/services/myservice call to a socket running on port 1234. Just make sure you remember not to leave port 1234 open to the world.
Apache also worked for me, just add in domain conf:
ProxyPass /wss/ wss://127.0.0.1:8888/
Reload apache and then it's import to set wss in client side to include /wss/ location
wss://127.0.0.1/wss/
If you are using Windows IIS, make sure that you have configured it for HTTPS (I'm using self signed certificate), then install reverse proxy:
URL rewrite:
https://www.iis.net/downloads/microsoft/url-rewrite
and ARR 3.0:
https://www.iis.net/downloads/microsoft/application-request-routing
You also need to enable websockets support in IIS:
create folder (e.g. myproxyfolder) for URL rewrite, on this folder create web.config file with content:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="WebSocketProxy" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://127.0.0.1:8080" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
and change "http://127.0.0.1:8080" to your websocket service (I'm using Ratched for PHP on WIN).
On client side in javascript, use secure websockets wss:// protocol, like:
mysock = new WebSocket('wss://127.0.0.1/myproxyfolder');
...
It is working for me for ubuntu 18.04.
var ws = new WebSocket('wss://domain.com/ws/');
Enabled proxy modules by running the following command in terminal.
sudo a2enmod proxy proxy_balancer proxy_wstunnel proxy_http
Added these lines in my Apache virtualhost config file(/etc/apache2/sites-available/000-default-le-ssl.conf)
ProxyRequests Off
ProxyPass "/ws/" "ws://domain.com:5555/"
Restarted apache service. And the websocket started working in https.
I was trying to do this for a subdomain. Ex: Redirect realtime.domain.org to localhost:8080 from apache.
Here's how it worked. You can create a virtual host and proxy pass that.
<VirtualHost *:80>
ServerName realtime.domain.org
RewriteEngine On
RewriteCond %{HTTP:Connection} Upgrade [NC]
RewriteCond %{HTTP:Upgrade} websocket [NC]
RewriteRule /(.*) ws://localhost:8080/$1 [P,L]
ProxyPreserveHost On
ProxyRequests off
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
</VirtualHost>
So, all the requests to realtime.domain.org can be redirected to port 8080, where you can run the WebSocket handler.