Versions Compared

Old Version 6

changes.mady.by.user John Sinclair

Saved on

compared with

New Version 7

changes.mady.by.user John Sinclair

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There are two parts to making this work -

  1. having the client connect on wss: port 443

...

  2. having the proxy forward the events URL to the websocket for OMK.

Request the clients browser to use 443 for the websocket

...

Code Block
languageperl
titleopCommon.nmis set websocket port
  'websocket_proxy_port' => '443'

After updating the opCommon configuration, restart the omkd daemon.

Proxy the connection from your SSL/TLS termination to the OMK webservice

...

Code Block
titleApache .conf file snippet
<VirtualHost *:443>
SSLEngine on
SSLProxyEngine on
ServerName some.example.com

ProxyPass "/en/omk/opCharts/events/log" "ws://localhost:8042/en/omk/opCharts/events/log"


ProxyRequests off
RequestHeader set X-Forwarded-Proto "https"

After updating the Apache configuration, restart the Apache daemon.


Info
titleAdditional Apache Configuration items and their impact
Proxy WS Tunnel module 
The Apache WS proxy tunnel Module needs to be enabled for ProxyPass to work for ws.
On most systems this can be found as "proxy_wstunnel.load" you will probably find this file in mods-available and simply need to link it mods-enabled.  Your Apache setup might use other configuration methods to load modules so please do check.

WSS HTTPS interaction

Please note apache will force the use of WSS (SSL websocket) if you are using HTTPS.  This is because the apache configuration:

RequestHeader set X-Forwarded-Proto "https"
As the X-Forwarded-Proto HTTP header is seen by the OMK webservice, it therefore sets the connection URLs to be wss not ws.

...