Websocket connection for nginx and parity?

Question

I am running a dAPP on a cloud server and using nginx and parity client with wesocket enabled on it.

I installed a certbot certificate for the https domain. Now i am having problem that while accessing my website using https it gives an error on chrome that..

  web3-providers.umd.js:1269 Mixed Content: The page at 'https://www. 
  chain.com/' was loaded over HTTPS, but attempted to connect to the 
 insecure WebSocket endpoint 'ws://40.138.47.154:7546/'. This request has 
   been blocked; this endpoint must be available over WSS.

then i added the reverse proxy on nginx config file as

location / {
         # switch off logging
   access_log off;

    proxy_pass http://localhost:7556; #Port for parity websocket
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    # WebSocket 
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

and then it is giving an error of

"WebSocket interface is active. Open WS connection to access RPC."

What is the problem here and what should i try?

Thanks

Did you manage to connect to Parity RPC (without Nginx) using WebSocket? I mean, are you able to run `geth attach ws://parity.node.ip.address:8546`? — Zulhilmi Zainudin, Aug 01 '19 at 05:24
yes it works fine with geth.I only have a problem after adding the certbot certifcate on the server and it only happens on browser using https. — Hsn, Aug 01 '19 at 08:40
Maybe it's related to Parity CORS. Checkout the configuration docs here: https://wiki.parity.io/Configuring-Parity-Ethereum — Zulhilmi Zainudin, Aug 01 '19 at 11:04
Try to play around with `interface`, `origins` and `hosts` under the `[websockets]` group. — Zulhilmi Zainudin, Aug 02 '19 at 03:19
I think that problem would be solved with nginx.. parity doesnt have to do much here — Hsn, Aug 02 '19 at 08:23

score 1 · Accepted Answer · edited Sep 26 '20 at 16:25

The https won't allow loading insecure content on the page.

One possible solution is to use the SSL/TLS terminator between the application server and the client.

From the official Nginx docs, the relevant part of the config file could be like this:

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

upstream websocket {
    server localhost:7546;
}

server {
    listen 443; 
    
    location / {
        proxy_pass http://websocket;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host $host;
    }

    ssl on;
    # specify cert and key

}

Inside the dApp change 'ws://40.138.47.154:7546/' to wss://40.138.47.154.

Websocket connection for nginx and parity?

1 Answers1