> On Oct 27, 2014, at 9:13 AM, Marcus Roberts <[email protected]> wrote: > > From my reading around there is a wss:// setting which I think means > web-socket secure,
I believe that's just a URL scheme used to indicate WebSocket-over-SSL. Couchbase Lite's WebSocket library doesn't need a special URL scheme, though, it just takes a regular http: or https: URL. > and I wonder if we need to be setting web sockets into a secure mode at a > lower level (i.e. inside the lite lib) rather than just sending it over an > SSL connection. WebSocket-over-SSL should work just like regular HTTP, since it opens the connection in HTTP mode and then uses the Upgrade: header to negotiate a switch to the WebSocket protocol. This is supposed to be invisible to a proxy, if the proxy is just passing through the undecrypted SSL traffic to the server — the proxy doesn't even know there's WebSockets going on. So perhaps the issue here is that (I think) you're instead using nginx to do the SSL encryption itself? In that case nginx will need to manage the WebSocket protocol, open a WebSocket connection to SG, and relay messages back and forth. Maybe it needs special configuration to do that? —Jens -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/F4C493C0-313F-4C65-922C-F24358DBE490%40couchbase.com. For more options, visit https://groups.google.com/d/optout.
