On Monday, 27 October 2014 16:37:55 UTC, Jens Alfke wrote: > > > WebSocket-over-SSL should work just like regular HTTP, since it opens the > connection in HTTP mode and then uses the Upgrade: header to negotiate a > switch to the WebSocket protocol. This is supposed to be invisible to a > proxy, if the proxy is just passing through the undecrypted SSL traffic to > the server — the proxy doesn't even know there's WebSockets going on. > > I had a quick try of doing it this way - specifying https in the connection, and proxying that through nginx to a gateway with the SSL cert and key specified in the config file. ngninx doesn't see any of the http content, just logs this sort of thing:
85.13.70.247 - - [27/Oct/2014:22:50:22 +0000] "\x16\x03\x01\x00\xC0\x01\x00\x00\xBC\x03\x03TN\xCC0\xF8\xB9\xE1\x02\x88\xFF7\x1A,\xB8\x22\x09\xA1'\xF75\xFF\x19L\xD0\x9F\x7Ff\xE7]\xB9\x8Cy\x00\x00J\x00\xFF\xC0$\xC0#\xC0" 400 181 "-" "-" which to me looks like the proxy has to be the SSL endpoint to get to see the Upgrade: header? -- You received this message because you are subscribed to the Google Groups "Couchbase Mobile" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/mobile-couchbase/a1a4122d-038f-4350-bed0-7b473ec2ea3a%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
