0

I have the below nginx.conf file set to handle http and https. I'm currently using a self-signed certificate to test over ssl.

server {
    listen      80;         # plain HTTP (and ws://)
    listen      443 ssl;    # TLS (https:// and wss://)
    server_name  localhost;
    ssl_certificate /etc/nginx/ssl/nginx.crt;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

    location / {
        proxy_pass http://node:8000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }

    # WebSocket endpoint: pass the Upgrade handshake through to the backend
    location /socketcluster/ {
        proxy_pass http://node:8000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_set_header Host $host;
    }
}

When I try to connect via localhost, http, https & ws:// seem to work fine. However, when the client tries to connect via wss://, I get the below error:

WebSocket connection to 'wss://localhost:80/socketcluster/' failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR

My nginx log shows this:

nginx       | 172.18.0.1 - - [25/Aug/2016:20:34:51 +0000] "\x16\x03\x01\x00\x7F\x01\x00\x00{\x03\x02\xB0\x80r\xEEH\x8C\x03\xAFFw\x9A4\xC2\x84\xB6\xD9\x9E;|\xDFbD\x1D\xF6)Ai\xB3<C\x13O\x00\x00\x10\xC0" 400 173 "-" "-"

Is there something additional I have to add to the nginx conf file to get wss:// to work?
Drifter104
Kannaj

1 Answer

1

Should your connection be to 443? e.g. wss://localhost:443/socketcluster/.

Port 80 is not configured for SSL and therefore won't respond to an SSL handshake.

Equally (as here) you can call directly without specifying port (default ports 80 and 443) e.g. wss://localhost/socketcluster/.

Dazed
  • what should be changed in this .conf file? – Esqarrouth Jun 06 '20 at 21:42
  • @Esqarrouth. I don't understand your question - in the original question - the OP had configured nginx to support both secure (port 443) and plain (port 80) - the issue for them was they had specified port 80 directly client side. There was no server side change to make. If your situation is different you may want to post your own separate question. – Dazed Jun 12 '20 at 14:10
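
A detection-side view of the log line in the question, as an added example that is not part of the original post or answer: the escaped request starts with \x16\x03\x01, a TLS handshake record, so the script below flags access-log entries where a client spoke TLS to a plaintext listener. The function names and the second sample line are constructed for illustration.

```python
import re

# nginx "combined" log format; search() tolerates the docker-compose "nginx | " prefix.
LINE_RE = re.compile(
    r'(?P<addr>\S+) - \S+ \[(?P<time>[^\]]+)\] "(?P<request>.*?)" (?P<status>\d{3}) \d+ '
)
# client_version bytes in a ClientHello (TLS 1.3 clients also send 0x0303 here).
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}


def unescape(field):
    """Turn nginx's \\xHH log escapes back into the raw bytes the client sent."""
    raw = field.encode("latin-1", errors="replace")
    return re.sub(rb"\\x([0-9A-Fa-f]{2})", lambda m: bytes([int(m.group(1), 16)]), raw)


def tls_client_hello(raw):
    """Return the offered protocol version if raw begins a TLS ClientHello, else None."""
    # Record header: type 0x16 (handshake), version major 0x03, 2-byte length.
    # Handshake header: type 0x01 (ClientHello), 3-byte length, then client_version.
    if len(raw) < 11 or raw[0] != 0x16 or raw[1] != 0x03 or raw[5] != 0x01:
        return None
    return VERSIONS.get((raw[9], raw[10]), "unknown")


def find_tls_on_plain_port(lines):
    """List (client, time, status, version) for requests that were really TLS handshakes."""
    hits = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        version = tls_client_hello(unescape(m.group("request")))
        if version:
            hits.append((m.group("addr"), m.group("time"), m.group("status"), version))
    return hits


SAMPLE_LOG = [
    # Log line taken from the question above.
    r'nginx       | 172.18.0.1 - - [25/Aug/2016:20:34:51 +0000] "\x16\x03\x01\x00\x7F\x01\x00\x00{\x03\x02\xB0\x80r\xEEH\x8C\x03\xAFFw\x9A4\xC2\x84\xB6\xD9\x9E;|\xDFbD\x1D\xF6)Ai\xB3<C\x13O\x00\x00\x10\xC0" 400 173 "-" "-"',
    # Constructed line: an ordinary plaintext WebSocket upgrade, which must not be flagged.
    r'nginx       | 172.18.0.1 - - [25/Aug/2016:20:35:02 +0000] "GET /socketcluster/ HTTP/1.1" 101 0 "-" "-"',
]

if __name__ == "__main__":
    for addr, when, status, version in find_tls_on_plain_port(SAMPLE_LOG):
        print(f"{when} {addr}: {version} ClientHello on a plaintext port (HTTP {status})")
```

A hit like this points to a client using an https:// or wss:// URL with the plaintext port, which matches the answer's diagnosis.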