Hello, You may need to use SSLProxyCheckPeerCN / SSLProxyCheckPeerName off
From: Weare Borg [mailto:kernelfr...@gmail.com] Sent: 25 August 2017 09:14 To: users@httpd.apache.org Subject: [users@httpd] Websockets not working with Apache proxypass, keep getting 400. Distribution : Debian server. 3.2.0-4-amd64 #1 SMP Debian 3.2.73-2+deb7u2 x86_64 GNU/Linux Server version: Apache/2.2.22 (Debian) Hello friends, I am working on integrating Websocket based functionality into our Spring-MVC application. It works on my localhost, where I neither have SSL, nor apache web server with ProxyPass. We have a library called cometd which supports websocket functionality which we are trying to make it work. When I add it on the server, the situation changes, with proxypass, whenever I try to make the connection from https go to wss, it doesn't work and I keep getting a 400. What am I doing wrong? I had added the same question on SO, but didn't got any good answer even after a bounty, hoping something more would be here. Question link : QuestionLink<https://stackoverflow.com/questions/45275229/apacheserver-proxypass-websockets-not-working-url-changed-to-https-instead-o> 000-default.conf <VirtualHost *:443> ServerName www.oursite.de<http://www.oursite.de> ServerAlias oursite.de<http://oursite.de> ProxyRequests off ProxyPreserveHost On <Proxy https://www.oursite.de:8444/> Order deny,allow Allow from all </Proxy> ProxyPass /nagios ! ProxyReceiveBufferSize 4096 ErrorDocument 503 /error/message.html ProxyPass /error/ ! ProxyPass /error/message.html ! SSLEngine on SSLProxyEngine on SSLCertificateFile /etc/letsencrypt/live/www.oursite.de-0002/cert.crt SSLCertificateKeyFile /etc/letsencrypt/live/www.oursite.de-0002/private.key SSLCertificateChainFile /etc/letsencrypt/live/www.oursite.de-0002/chain.pem ProxyPass / https://localhost:8444/ ProxyPassReverse / https://localhost:8444/ ProxyPass /cometd/ wss://localhost:8444/cometd/ ProxyPassReverse /cometd wss://localhost:8444/cometd/ <Location / > Order allow,deny Allow from all </Location> </VirtualHost> As we have 3 different applications running on the same server, application running on port 8444 is the one where we have cometd instance running. The URL is always /cometd, and it's calculated in this manner : var cometURL = location.protocol + "//" + location.host+ config.contextPath + "/cometd"; If there is anything else required. Kindly let me know. Thanks.
