Warning |
---|
Advanced level feature: skills with Apache or Nginx web server configuration and SSL are required. See the 'Current Issues' section below for details of problems you may encounter if you enable this feature. |
...
Code Block |
---|
<VirtualHost *:443> ServerName example.opmantek.com SSLEngine on SSLProxyEngine On ProxyRequests Off SSLCertificateFile /etc/ssl/certs/example/cert.pem SSLCertificateKeyFile /etc/ssl/certs/example/privkey.pem SSLCertificateChainFile /etc/ssl/certs/example/fullchain.pem RequestHeader set X-Forwarded-Proto "https" # Proxy the websocket connection and rewrite the header ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$ ws://localhost:8042/$1 # Proxy the rest of the applicationRewriteEngine On ProxyPass /en/omk http://localhost:8042/en/omkRewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*) ProxyPassRewriteRule /es/omk http(.*) ws://localhost:8042/esen/omk/opEvents/ws/%1 [P,L] ProxyPass /omk http://localhost:8042/omk ProxyPassReverse / http:// # Proxy the rest of the application ProxyPass /en/omk http://localhost:8042/en/omk ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>' </VirtualHost> <VirtualHost *:80> ServerName example.opmantek.com Redirect 301 / https://example.opmantek.com/ </VirtualHost> |
If you receive a "server connection terminated before websocket handshake" response from the browser dev tools console with the above configuration for rhel/centos, then you need to handle the proxy as a rewrite rule , and then proxy that back to the webclient.
Code Block |
---|
replace: ProxyPassMatch ^(\/(en|es)\/omk\/opEvents\/ws\/.*)$ ws://localhost:8042/$1 With: RewriteEngine On RewriteCond %{REQUEST_URI} ^/en/omk/opEvents/ws/(.*) RewriteRule /(.*) ws://localhost:8042/en/omk/opEvents/ws/%1 [P,L] ProxyPass /es/omk http://localhost:8042/es/omk ProxyPass /omk http://localhost:8042/omk ProxyPassReverse / http://localhost:8042/ ErrorDocument 503 '<html><head><meta http-equiv="refresh" content="60"></head><body><h1>Temporary Service Interruption</h1>The requested OMK page should be back soon. This page will automatically reload in 60 seconds.</body></html>' </VirtualHost> <VirtualHost *:80> ServerName example.opmantek.com Redirect 301 / https://example.opmantek.com/ </VirtualHost> |
Settings which you will need to modify from the example
...
Name | Value | Example | Apache Docs |
---|---|---|---|
ServerName | FQDN of the server which users will refer to it by | monit-prod.opmantek.com | https://httpd.apache.org/docs/2.4/vhosts/name-based.html |
SSLCertificateKeyFile | Server PEM-encoded private key file | /etc/ssl/certs/example/privkey.pem | https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile |
SSLCertificateChainFile | (Before apache 2.4.8) File of PEM-encoded Server CA Certificates | /etc/ssl/certs/example/fullchain.pem | https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslcertificatekeyfile |
fcgiwrap.socket | allows you to set up a socket for communication between a web server and fcgiwrap to handle FastCGI requests | /var/run/fcgiwrap.socket |
...