1

I set up the first socket.io example "Using with Node HTTP server" from http://socket.io/#how-to-use behind a nginx reverse proxy. This works as expected as long is I keep it to http. If I rewrite http to https (terminating at the nginx) by introducing an nginx rewrite rule, I cannot get to it work properly.

The client console.log shows me:

SecurityError: The operation is insecure.                 socket.io.js (line 2371)
this.websocket = new Socket(this.prepareUrl() + query);

TypeError: this.websocket is undefined                    socket.io.js (line 2438)
this.websocket.close();

I'm rather new to nodejs and also nginx, so I could well be making some basic mistake, but after hours of experimenting and googling I still can't get it completely working.

Nginx (v1.4.1) configuration file:

upstream dev {
    server 127.0.0.1:8001;
}
server {
    # Listen on 80 and 443
    listen 80;
    listen 443 ssl;
    server_name _;

    ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
    ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    location /dev/ {
            if ($ssl_protocol = "") {
                    rewrite ^ https://$host$request_uri? permanent;
            }
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;

            proxy_pass http://dev/;
            proxy_redirect off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection "upgrade";
    }
}

index.html:

<script src="./socket.io/socket.io.js"></script>
<script>

  var socket = io.connect('http://'+window.location.host+':8001');

  socket.on('news', function (data) {
    console.log(data);
    socket.emit('my other event', { my: 'data' });
  });
</script>

server.js:

var app = require('http').createServer(handler)
  , io = require('socket.io').listen(app)
  , fs = require('fs')

app.listen(8001);

function handler (req, res) {
  fs.readFile(__dirname + '/index.html',
  function (err, data) {
    if (err) {
      res.writeHead(500);
      return res.end('Error loading index.html');
    }

    res.writeHead(200);
    res.end(data);
  });
}

io.sockets.on('connection', function (socket) {
  socket.emit('news', { hello: 'world' });
  socket.on('my other event', function (data) {
    console.log(data);
  });
});
Improve this question

1 Answer 1

Reset to default
1

you are sending unsafe content via https. try these:

index.html

var socket = io.connect('https://'+window.location.host+':8001'); //added https...

server.js:

var app = require('https').createServer(handler)
  , io = require('socket.io').listen(app)
  , fs = require('fs');

var options = {
  key: fs.readFileSync('crts/ssl.key'), //the route to your certs.
  cert: fs.readFileSync('crts/ssl.cert'),
  ca: fs.readFileSync('crts/ssl.ca')
};

https.createServer(options, app).listen(8001); //https server

function handler (req, res) {
  fs.readFile(__dirname + '/index.html',
  function (err, data) {
    if (err) {
      res.writeHead(500);
      return res.end('Error loading index.html');
    }

    res.writeHead(200);
    res.end(data);
  });
}

io.sockets.on('connection', function (socket) {
  socket.emit('news', { hello: 'world' });
  socket.on('my other event', function (data) {
    console.log(data);
  });
});
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thank you for answering. But your code doesn't work for me. I get "Missing PFX or certificate + private key". The ssl files are definitely available in the subdirectory. Also, does your answer mean to suggest I cannot terminate https at nginx and forward only http requests to nodejs ?
@3boll kindly take a look at this stackoverflow.com/questions/23103241/… ?

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.