Ratchet websocket SSL connect?

[Johny Carson]

I have a ratchet chat server file

use Ratchet\Server\IoServer;
use Ratchet\WebSocket\WsServer;
use MyAppChat\Chat;
require dirname(__DIR__) . '/vendor/autoload.php';
$server = IoServer::factory(
    new WsServer(
        new Chat()
    )
  , 26666
);
$server->run();

i using JS Websocket connect success throw http

if ("WebSocket" in window) {
    var ws = new WebSocket("ws://ratchet.mydomain.org:8888");
    ws.onopen = function() {
        // Web Socket is connected. You can send data by send() method.
        ws.send("message to send");
    };
    ws.onmessage = function (evt) { 
        var received_msg = evt.data;
    };
    ws.onclose = function() { 
        // websocket is closed. 
    };
} else {
  // the browser doesn't support WebSocket.
}

I will install SSL in my webserver and try connect via SSL but failed

if ("WebSocket" in window) {
    var ws = new WebSocket("wss://ratchet.mydomain.org:8888");
    ws.onopen = function() {
        // Web Socket is connected. You can send data by send() method.
        ws.send("message to send");
    };
    ws.onmessage = function (evt) { 
        var received_msg = evt.data;
    };
    ws.onclose = function() { 
        // websocket is closed. 
    };
} else {
  // the browser doesn't support WebSocket.
}

My question is how can using ratchet for websocket SSL connection in one dedicated?

Thanks somuch

[cboden]

Hi Johny,

(response copy/pasted from GH issue for anyone else looking on the mailing list for this solution):

The best solution would be to use Nginx as your web server. Have Nginx listen on port 80 for incoming connections and have it handle your SSL. Nginx will forward incoming connections to PHP-FPM for your regular website and if it detects a connection is a WebSocket connection have it proxy to your running Ratchet application on a port of your choice. Your javascript could then connect via wss://mydomain.org

Nginx SSL docs
Nginx WebSocket docs

[Muhammad Usman]

I know it's an old thread. Expanding @cboden's answer, I want to share my exact Nginx config.

My Ratchet is running on 10.132.6.124:8081 (private/local network IP)

JS calls wss://mydomain.com:8080 and I route it to Ratchet via Nginx.

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}


upstream websocket {
    server 10.132.6.124:8081;
}


server {
    listen 8080 ssl;

    ssl_certificate /etc/nginx/ssl/mydomain.com/certid/server.crt;
    ssl_certificate_key /etc/nginx/ssl/mydomain.com/certid/server.key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
   
    charset utf-8;

    location / {
        proxy_pass http://websocket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_read_timeout 3600;
    }
}

By default Nginx closes WebSocket connection automatically after 30 seconds of inactivity. I extended it to 1 hour by adding this proxy_read_timeout 3600.

I am not an Nginx expert but the above config works for me.

[Dustin Graham]

Again, to expand on this thread for reference.

http://stackoverflow.com/questions/16979793/php-ratchet-websocket-ssl-connect

If you're using apache with mod_proxy, the solution was dead simple.

Added:

ProxyPass /wss ws://my.domain.com:8888

with a javascript websocket:

wss://my.domain.com/wss

and it passed the socket along brilliantly. Web portal is now https using letsencrypt with a green lock. :)

[rgbe...@gmail.com]

To expand a bit further, 

the ProxyPass /wss ws://my.domain.com:8888 should be added in the proxy.conf file located in /etc/apache2/mod-enabled/ (Ubuntu)

[chri...@busch-peine.de]

Having a websocket server without SSL support maybe is unbearable for us?
In our application(s), we wanna track the IP of the connecting clients, which is tricky with proxies.

Any Help or pointers?

Kind Regards
gizmore

[nishanth....@gmail.com]

After installing lets Encrypt

Will some one answer to this issue

https://github.com/ratchetphp/Ratchet/issues/705

[nishanth....@gmail.com]

After installing lets Encrypt
Will some one answer to this issue 

https://github.com/ratchetphp/Ratchet/issues/705