PHP sockets do not work over wss://. How to fix?

T

Teran1232017-08-17 16:26:33

PHP

Teran123, 2017-08-17 16:26:33

Hello. I switched the site to https and I can't figure out how to translate the sockets. On http, sockets were connected via ws://sitename.com:3003., now we need them to be available via wss://sitename.com:3003. Please tell me how to do it.
PHP:

$loop   = React\EventLoop\Factory::create();
$context = new React\ZMQ\Context($loop);
$pull = $context->getSocket(ZMQ::SOCKET_PULL);
$pull->bind('tcp://127.0.0.1:3004');
$pull->on('message', array($pusher, 'onMessage'));

$webSock = new React\Socket\Server($loop);
$webSock->listen(3003, '0.0.0.0');
$webServer = new Ratchet\Server\IoServer(
  new Ratchet\Http\HttpServer(
    new Ratchet\WebSocket\WsServer(
      new Ratchet\Wamp\WampServer(
        $pusher
      )
    )
  ),
  $webSock
);

$loop->run();

JS:

window.phpSocket = new ab.Session('wss://sitename.com:3003',

nginx:

server {
    listen   443 ssl;
    keepalive_timeout   70;

    client_max_body_size    500M;
    root /var/www/path/to/site/root;
    index index.php;
    server_name sitename.com;
    gzip_static on;
    gzip            on;
    gzip_min_length 1000;
    gzip_proxied    expired no-cache no-store private auth;
    gzip_types      text/plain application/xml text/css text/javascript application/javascript;


    ssl                     on;
    ssl_certificate         /etc/letsencrypt/live/sitename.com/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/sitename.com/privkey.pem;
    ssl_session_cache       shared:SSL:10m;
    ssl_session_timeout     10m;

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

T

Teran123, 2017-08-18
@Teran123

Fortunately, I managed to solve the problem myself through hproxy
Step by step:
Install hproxy :

wget http://www.haproxy.org/download/1.5/src/haproxy-1.5.3.tar.gz
tar -zxvf haproxy-1.5.3.tar.gz
cd haproxy-1.5.3
make TARGET=linux2628 USE_PCRE=1 USE_OPENSSL=1 USE_ZLIB=1 USE_CRYPT_H=1 USE_LIBCRYPT=1
make install

The first make gave me an error .
Personally, it helped me on Ubuntu , by which you will access sockets via wss:// (in my case - 3033 and I am now accessing via wss://sitename.com:3033) SOCKET_SERVER_PORT - the port that you have bound in php and which is available via ws:/ /(in my case - 3003) /etc/path/to/full.pem - the path to the certificate, which must contain both the certificate and the certificate key.
If you have the key and the certificate itself separately from each other (as I did), then a simple command will help you (and accordingly, in the path, already indicate the path to the combined .pem file)

cat /etc/path/to/crt.pem /etc/path/to/key.pem > /etc/path/to/full.pem

global
        log     127.0.0.1       local0
        maxconn 10000
        daemon

defaults
        mode                    http
        log                     global
        option                  httplog
        retries                 3
        backlog                 10000
        timeout client          30s
        timeout connect         30s
        timeout server          30s
        timeout tunnel          3600s
        timeout http-keep-alive 1s
        timeout http-request    15s

frontend public
        bind            *:WSS_SOCKET_PORT ssl crt /etc/path/to/full.pem
        acl             is_websocket hdr(Upgrade) -i WebSocket
        use_backend     ws if is_websocket
        default_backend www

backend ws
        server  ws1     127.0.0.1:SOCKET_SERVER_PORT

backend www
        timeout server  30s
        server  www1    127.0.0.1:8080

After that, in JS, I change the connection port to the socket to the one specified in WSS_SOCKET_PORT
Then we start haproxy with our config
And try to connect.
It worked for me)