javascriptnginxethereum

Websocket connection for nginx and parity?


I am running a dAPP on a cloud server and using nginx and parity client with wesocket enabled on it.

I installed a certbot certificate for the https domain. Now i am having problem that while accessing my website using https it gives an error on chrome that..

  web3-providers.umd.js:1269 Mixed Content: The page at 'https://www. 
  chain.com/' was loaded over HTTPS, but attempted to connect to the 
 insecure WebSocket endpoint 'ws://40.138.47.154:7546/'. This request has 
   been blocked; this endpoint must be available over WSS.

then i added the reverse proxy on nginx config file as

location / {
         # switch off logging
   access_log off;

    proxy_pass http://localhost:7556; #Port for parity websocket
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

    # WebSocket 
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

and then it is giving an error of

"WebSocket interface is active. Open WS connection to access RPC."

What is the problem here and what should i try?

Thanks


Solution

  • The https won't allow loading insecure content on the page.

    One possible solution is to use the SSL/TLS terminator between the application server and the client.

    From the official Nginx docs, the relevant part of the config file could be like this:

    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }
    
    upstream websocket {
        server localhost:7546;
    }
    
    server {
        listen 443; 
        
        location / {
            proxy_pass http://websocket;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
        }
    
        ssl on;
        # specify cert and key
    
    }
    

    Inside the dApp change 'ws://40.138.47.154:7546/' to wss://40.138.47.154.