Config:
- Plain EC2 instance no ELB
- Glassfish 4 hosting a javax.websocket
- Port 8080 is open to all TCP traffic
- Glassfish http-listener has Websockets Support: True
When I host on my local network I am able to connect with every device (including my phone) that can use WebSockets. However when on AWS any client that sends a HTTP Upgrade request gets this error:
WebSocket connection to 'ws://###.com:8080/###/chat' failed: Connection closed before receiving a handshake response
or
Firefox can’t establish a connection to the server at 'ws://###.com:8080/###/chat'
However, it works with Google Chrome. I believe this is since it doesn't send an Upgrade HTTP request at least according to what Wireshark has showed.
If anyone can direct me to what is configured wrong, many thanks be coming your way.
Edit: I have since added a NGINX reverse proxy to get some logs
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
upstream websocket {
server 127.0.0.1:7676;
}
server {
listen 8080 ssl;
location / {
proxy_pass https://websocket;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $connection_upgrade;
}
add_header Strict-Transport-Security "max-age=31536000";
ssl on;
ssl_certificate /home/ubuntu/ssl/cert.crt;
ssl_certificate_key /home/ubuntu/ssl_cert.key;
ssl_prefer_server_ciphers on;
}
Google Chrome which still works gives:
"GET /###/chat HTTP/1.1" 101
Everything else which doesn't work gives:
"GET /###/chat HTTP/1.1" 400
##Short version##
I don't really know about NGINX configuration but I see that SSL is requested and that your SSL certificate seems to be valid (important!). The connection point rule can be summarized as:
and vice-versa:
##Formal answer##
The bible of websocket is RFC 6455. In section 4.1.5:
The secure flag is defined by the URI. Section 3 defines what is secure
TL;DR