Ratchet + nginx + SSL/secure websocket

Question

I\'ve been trying to run Ratchet.io over SSL (this problem: php ratchet websocket SSL connect?).

My webserver is running at myhost.mobi, and I have created a separat

Answer 1

By checking question edit history, it is clear that, the configuration in the question was correct, temuri was trying to connect from client with port set in,

upstream websocketserver {
        server localhost:8080;
}

but this code block tells Nginx there is a tcp server running on port 8080, represents it as websocketserver alias, but the running server is not accessible to public.

Check the below configuration,

server {
    server_name wss.myapp.mobi;

    listen 443;
    ssl on;
    ssl_certificate /etc/ssl/myapp-mobi-ssl.crt;
    ssl_certificate_key /etc/ssl/myapp-mobi.key;

    access_log /var/log/wss-access-ssl.log;
    error_log /var/log/wss-error-ssl.log;
    location / {
                proxy_pass http://websocketserver;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
                proxy_set_header Host $host;

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header X-Forwarded-Proto https;
                proxy_read_timeout 86400; # neccessary to avoid websocket timeout disconnect
                proxy_redirect off;
        }
}

this configuration binds the domain wss.myapp.mobi to port 443 enabling ssl and proxying the requests to the local websocket server via proxy_pass directive, rest directives are for connection upgrades handling.

So the websocket server can be accessed from browser client with

// connect through binded domain
// instead of wss.myapp.mobi:8080 which will not work
var url = 'wss://wss.myapp.mobi';