1

I'm trying to connect to a non-secure web socket server through WS, although when setting up a proxy with nginx I receive (on the WS server):

The handshake failed due to an unexpected packet format.

This is handled as an IOException, and crashes the entire server. stacktrace

Here is my nginx configuration:

server {
    listen 80;
    listen [::]:80;
    server_name ws.tunnel.cf;
    return 302 https://$server_name$request_uri;
}

server {

    # SSL configuration

    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate         /etc/ssl/certs/cert.pem;
    ssl_certificate_key     /etc/ssl/private/key.pem;

    server_name ws.tunnel.cf;


    location / {
         proxy_pass http://213.43.156.21:8000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    }
}

How exactly can I connect to my non secure web socket server, without making it WSS?

I am using Fleck as a package for the server.

Code for connecting:

const socket = new WebSocket('wss://ws.tunnel.cf');

socket.addEventListener('open', function (event) {
    console.log('WS:open');
});
Liam Savage
  • 127
  • 6
  • Have you checked [this answer](https://stackoverflow.com/a/21500778/3034273)? – Xerillio Dec 14 '20 at 20:54
  • @Xerillio Yes, see my nginx configuration, it enforces port 443 (SSL) on NGINX side. – Liam Savage Dec 14 '20 at 20:55
  • That only works if the client can handle a redirect properly. You have yet to show the code from where you actually make the request – Xerillio Dec 14 '20 at 20:56
  • @Xerillio I have updated my question, there is no location block under port 80 server block, only 443 so it is impossible for it to even try connecting via port 80 (http). – Liam Savage Dec 14 '20 at 21:01
  • My nginx knowledge comes a little short here, but it seems to me you are trying to pass an SSL connection from nginx to a backend application that doesn't handle SSL. So I think you either need to [SSL offload](https://www.nginx.com/blog/nginx-ssl/) in nginx or configure your application to handle SSL/TLS connections – Xerillio Dec 14 '20 at 21:30
  • I am using `http` and not `https` with the proxy_pass, I don't believe I am passing a https connection? I could be wrong and will look into your suggestion. – Liam Savage Dec 14 '20 at 22:38

0 Answers0