Edit History

RuhNet · September 13, 2022

An easy way to proxy WS to encrypted WSS is using HAProxy, thusly:

listen kazoo-websockets
    bind *:7777 ssl crt /etc/ssl/yourcertificate.pem
    default_backend kapps-blackhole

backend kapps-blackhole
  balance source
    option forwardfor
    option http-server-close
    option forceclose
    no option httpclose
    server kz1.z100-blackhole 1.2.3.4:5555 check
    server kz2.z100-blackhole 2.3.4.5:5555 check
    server kz1.z200-blackhole 123.123.123.234:5555 check backup

Note that the certificate file is a full PEM file with cert, ca, and key all smashed into one file. Certbot, GetSSL, and my LEAPI system can all generate these automatically when using Let's Encrypt.

You can also use Nginx to proxy WS to WSS, and an example is in the Switchboard readme file.

RuhNet · September 13, 2022

An easy way to proxy WS to encrypted WSS is using HAProxy, thusly:

listen kazoo-websockets
    bind *:7777 ssl crt /etc/ssl/yourcertificate.pem
    default_backend kapps-blackhole

backend kapps-blackhole
  balance source
    option forwardfor
    option http-server-close
    option forceclose
    no option httpclose
    option httpchk HEAD  /
    server kz1.z100-blackhole 1.2.3.4:5555
    server kz2.z100-blackhole 2.3.4.5:5555
    server kz1.z200-blackhole 123.123.123.234:5555 backup

Note that the certificate file is a full PEM file with cert, ca, and key all smashed into one file. Certbot, GetSSL, and my LEAPI system can all generate these automatically when using Let's Encrypt.

You can also use Nginx to proxy WS to WSS, and an example is in the Switchboard readme file.

Sign In

Edit History

RuhNet

RuhNet

Community Forums

Products

Support