I made a WebSocket service in Apache under CentOs with PHP and JS that works great if the protocol is ws:// . The problem is that the site is served through https:// so I must use wss protocol (cause mixed content policy). I have tried many approaches to make it work and any idea would really help.

First I tried to bind the socket of the WS (WebSocket) Server to 443 , but I got permission denied. The next thing was trying to alternate httpd.conf through include file to make every communication made in this server IP though a certain port e.g. 9100 to use a certain crt key and cabundle files. I made it copying the VirtualHost entry for the domain when it uses https , port 443 . But I am stack , I cant find a way to make Apache treat the communication to a certain IP and port (for a single domain or not) with the same ssl encode and decode files as the one used in the domain https 443 port.

Any idea in the way I am searching it , or in an alternate way would be great. Thank you in advance

Recommended Answers

All 2 Replies

If I recall, a websocket is just an HTTP request that gets upgraded to a persistent connection. I haven't read the spec entirely, but it's much like a 302 response, but for the WS upgrade.

Hello ryantroop , indeed websocket communication does a HTTPS or HTTP request for switching protocols. I've never had any problem with this first request when using http and ws protocols , the problem is with wss. I though that there must be an easy solution , in httpd.conf you just tell apache with VirtualHost that if the request came from 443 in a certain IP for a certain domain then to use a crt , key and cabundle files to do the encoding / decoding back stage. So there should be a way to tell the same if any request comes to another port (lets say 9100). The difference is that in first case runs the apache daemon that “hear” for request in 443 and in the latter there is a server daemon that you just build and bind it in a port. Although there must be a way with apache my knowledge to apache is limited so I am swifting the issue to PHP that there I know how to do it (I just have to rewrite the server daemon once again) , and I would prefer to have the server do the encoding / decoding for ssl communication than PHP.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.