Search posts, tags, users, and pages
Sure,
server.js looks like this:
var app = require("express")(); var https = require("https");
var fs = require('fs'); var io = require("socket.io")(https);
var port = 3000;
var privateKey = fs.readFileSync('/etc/apache2/ssl-certificate/site.key', 'utf8');
var certificate = fs.readFileSync('/etc/apache2/ssl-certificate/site.crt', 'utf8');
option = {
key: privateKey,
cert: certificate,
}
io.on("connection", function (socket) {socket.on("message", function (data) {
console.log("message Recieved: " + JSON.stringify(data));
io.emit("conversation:" + data.conversation_id, data);
});
socket.on("chat_attachment", function (data) { console.log("message Recieved: " + JSON.stringify(data)); io.emit("conversation:" + data.conversation_id, data); }); });
https.createServer(option, app).listen(port, '0.0.0.0', function () { console.log("Listening on Port " + port);
});
As you can see we are using express. This is a laravel project. Works great in my local server or without https.
Does this help?
When I add:
ProxyPass / http://domain:3000/
ProxyPassReverse / http://domain:3000/
To Apache conf it will just give me Service Unavailable.
A folk at stackoverflow recommended to:
"Terminate your SSL at the Apache instance and have node just worry about http. If the server blocks inbound http on port 3000 you're all set. – Paul 4 hours ago"
My response:
But would't that remove https? the point is serving the site with Apache with SSL (HTTPS) and having nodejs work only for the real time chat feature we built. We want to keep https. – Diego Ponciano 3 hours ago
His response:
No, you pipe all https through apache as the reverse proxy. You don't allow direct https or http access to your node app from the outside world, it all gets funneled through apache – Paul 3 hours ago
I'm lost there, no idea how to achieve that.
I haven't used socket.io, but it's my understanding that if you use Apache, NGINX, or something else as a reverse proxy to node.js, then you wouldn't need to worry about https in your node app, as communication between the node app and the reverse proxy server doesn't need to be encrypted; only the data going in and out of the server needs to be encrypted, and the reverse proxy should handle that.
Again, I could be mistaken, but the above code seems like what you would use if you were communicating with the node app directly and not going through a reverse proxy.
I'll look into it more, as I'm interested in knowing if my understanding is correct or not.
Hmm I see, it's all consistent with the response I got from stackoverflow. The problem is I have no idea how to configure that reverse proxy and when I do it just dies on me.
Thanks a lot :) and please please let me know if you find anything, will be really helpful.
Hi there Joe Gaspar we were able to set it up by creating a subdomain (backend.ourdomain.com) and handling port 3000 there (with Apache reverse proxy), just thought it would be good to leave you a comment. Thanks for the help.
Hi Diego Ponciano, I'm sorry I did not. I completely forgot about this. As for subdomains, make sure you're using a wildcard certificate. If you're using Letsencrypt, you have to explicitly add the subdomain to your cert, as they haven't yet implemented wildcard certs yet (coming January 2018).