I have a ratchet chat server file
use Ratchet\Server\IoServer;
use Ratchet\WebSocket\WsServer;
use MyAppChat\Chat;
require dirname(__DIR__) . '/vendor/autoload.php';
$server = IoServer::factory(
new WsServer(
new Chat()
)
, 26666
);
$server->run();
I using Websocket to connect with ws and it works fine
if ("WebSocket" in window) {
var ws = new WebSocket("ws://ratchet.mydomain.org:8888");
ws.onopen = function() {
// Web Socket is connected. You can send data by send() method.
ws.send("message to send");
};
ws.onmessage = function (evt) {
var received_msg = evt.data;
};
ws.onclose = function() {
// websocket is closed.
};
} else {
// the browser doesn't support WebSocket.
}
I want secure connection, so I try to connect with SSL but is not work.
if ("WebSocket" in window) {
var ws = new WebSocket("wss://ratchet.mydomain.org:8888");
ws.onopen = function() {
// Web Socket is connected. You can send data by send() method.
ws.send("message to send");
};
ws.onmessage = function (evt) {
var received_msg = evt.data;
};
ws.onclose = function() {
// websocket is closed.
};
} else {
// the browser doesn't support WebSocket.
}
My question is how to connect websocket with SSL connection
Any idea?
If you are using Apache web server (2.4 or above), enable these modules in httpd.conf file :
Add this setting to your httpd.conf file
ProxyPass /wss2/ ws://ratchet.mydomain.org:8888/
Use this URL in your JavaSscript call when you want a WSS connection:
var ws = new WebSocket("wss://ratchet.mydomain.org/wss2/NNN");
Restart Apache web server and make sure that your Ratchet worker (web socket connection) is open before applying the settings (telnet hostname port).
I found this answer on Ratchet's google group by Chris Boden:
The best solution would be to use Nginx as your web server. Have Nginx listen on port 80 for incoming connections and have it handle your SSL. Nginx will forward incoming connections to PHP-FPM for your regular website and if it detects a connection is a WebSocket connection have it proxy to your running Ratchet application on a port of your choice. Your javascript could then connect via wss://mydomain.org
This is an alternative way to using stunnel if your application is going to be served using nginx.
A few days ago I was looking for the answer of this question and I found this in the Github Ratchet issues: https://github.com/ratchetphp/Ratchet/issues/489
The last answer, answered by heidji, says this:
I only added this comment for newbies like me who need a quick instruction how to implement SSL: Via the ReactPHP docs you only need to construct the SecureServer mentioned in such manner:
$webSock = new React\Socket\Server('0.0.0.0:8443', $loop);$webSock = new React\Socket\SecureServer($webSock, $loop, ['local_cert' => '/etc/ssl/key.pem', 'allow_self_signed' => true, 'verify_peer' => false]);
and then inject into the IoServer as mentioned by cboden above
So it seems that now there is a way to implement a secure websocket server with Ratchet without needing an HTTPS proxy.
Here you have the SecureServer class documentation: https://github.com/reactphp/socket#secureserver
If you're using Nginx, just write this in your SSL server block:
location /services/myservice {
# switch off logging
access_log off;
# redirect all HTTP traffic to localhost
proxy_pass http://localhost:1234;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# WebSocket support (nginx 1.4)
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
# Path rewriting
rewrite /services/myservice/(.*) /$1 break;
proxy_redirect off;
# timeout extension, possibly keep this short if using a ping strategy
proxy_read_timeout 99999s;
}
This will upgrade any wss://yoursite.com/services/myservice call to a socket running on port 1234. Just make sure you remember not to leave port 1234 open to the world.
Apache also worked for me, just add in domain conf:
ProxyPass /wss/ wss://127.0.0.1:8888/
Reload apache and then it's import to set wss in client side to include /wss/ location
wss://127.0.0.1/wss/
If you are using Windows IIS, make sure that you have configured it for HTTPS (I'm using self signed certificate), then install reverse proxy:
URL rewrite: https://www.iis.net/downloads/microsoft/url-rewrite and ARR 3.0: https://www.iis.net/downloads/microsoft/application-request-routing
You also need to enable websockets support in IIS:
create folder (e.g. myproxyfolder) for URL rewrite, on this folder create web.config file with content:
<?xml version="1.0" encoding="UTF-8"?>
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="WebSocketProxy" stopProcessing="true">
<match url="(.*)" />
<action type="Rewrite" url="http://127.0.0.1:8080" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
and change "http://127.0.0.1:8080" to your websocket service (I'm using Ratched for PHP on WIN).
On client side in javascript, use secure websockets wss:// protocol, like:
mysock = new WebSocket('wss://127.0.0.1/myproxyfolder');
...
It is working for me for ubuntu 18.04.
var ws = new WebSocket('wss://domain.com/ws/');
Enabled proxy modules by running the following command in terminal.
sudo a2enmod proxy proxy_balancer proxy_wstunnel proxy_http
Added these lines in my Apache virtualhost config file(/etc/apache2/sites-available/000-default-le-ssl.conf)
ProxyRequests Off
ProxyPass "/ws/" "ws://domain.com:5555/"
Restarted apache service. And the websocket started working in https.
来源:https://stackoverflow.com/questions/16979793/php-ratchet-websocket-ssl-connect