I am having trouble connecting to my gRPC server through anything but the port its running on. I am using Apache/2.4.54.
In my Apache config I have the following lines:
Protocols h2 http/1.1
ProxyPass /rpc h2://127.0.0.1:5051
ProxyPassReverse /rpc https://127.0.0.1:5051
Any time I try to connect my client to the server at example.com/rpc, I get code 14 DNS resolution failed. I can connect and run a method just fine when I use example.com:5051. Any insight as to whats going wrong here?
Related
I am running a video chat program on my SSL site, but need to use a non-SSL server for the chat media server. Here is my setup:
Chat server is running on non-SSL Apache2 ubuntu Amazon instance on port 8080 (checked port is open and running)
Chat is sitting on ssl server using wss://[myserver]/wss/
I've enabled proxy_wstunnel on the server
I’ve added the ProxyPass to the apache2 virtual host
SSLProxyEngine On
ProxyPass /wss/ ws://[myserver]:8080
The chat is running on the server end just fine (aside from video and audio because it’s non-ssl)
It’s not working properly while sitting on the SSL server. I’m getting this error on the screen: “Websocket closed, please try reloading page later.” and this is the error in the console: “WebSocket connection to ‘wss://[myserver]/wss/?room=3’ failed: Error in connection establishment: net::ERR_SSL_PROTOCOL_ERROR”
Any suggestions would be greatly appreciated! Thanks!
Update: After enabling ALL proxy modules, I was able to get this to work. This was the reference that saved me days of headache: https://www.digitalocean.com/community/tutorials/how-to-use-apache-http-server-as-reverse-proxy-using-mod_proxy-extension
I have WebSockets enabled using an Undertow server. When I run the Undertow server directly, WebSockets work well. I serve my pages using HTTPS and I test the endpoint using "wss:" in javascript: it works.
But now, I try to use Apache as a reverse proxy and I want it to let WebSocket connections reach the Undertow server. This is my current Virtual Host:
<VirtualHost *:80 *:443>
ServerName test.example.org
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/example.org/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/example.org/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/example.org/chain.pem
ProxyPass / http://test.example.org:44444/
ProxyPassReverse / http://test.example.org:44444/
</VirtualHost>
Here, Undertow is started as a HTTP server (not HTTPS) on port 44444 and the SSL security is done by Apache.
All the HTML pages work well, but when I try to start a WebSocket connection, I get this error (Chrome) :
WebSocket connection to 'wss://test.example.org/websockets/echo' failed: Error during WebSocket handshake: 'Upgrade' header is missing
And, when I look at the Network tab, I see that indeed two headers are missing in the response from the server, when the "wss://" call is made: "Connection: Upgrade" and "Upgrade: WebSocket". Those headers are present when I connect to Undertow directly, without Apache.
The "Sec-WebSocket-Accept" and "Sec-WebSocket-Location" headers are there but, and I guess this is a second issue, "Sec-WebSocket-Location" is 'ws://test.example.org/websockets/echo' not 'wss://test.example.org/websockets/echo' since Undertow runs on HTTP, not HTTPS.
Last thing, the mod_proxy_wstunnel documentation says "The connection is automatically upgraded to a websocket connection". What does this mean? Apache is upgrading the HTTP connection to a WebSocket connection by itself? This is not what I want! I want to handle the initial HTTP request and the upgrading processes by myself, using Undertow. I use informations from the initial HTTP connection to validate if the user can be connected to the requested endpoint and, if so, I programmatically call Undertow's WebSocketProtocolHandshakeHandler#handleRequest(exchange) to upgrade to a WebSocket connection. I just want Apache to let everything pass without interfering.
Any help on how to run WebSockets using Undertow behind an Apache reverse-proxy?
I got tired and decided to try Nginx.
Within 3 hours, not only did I get WebSockets working, but all my sites on a server were moved to it. Super easy.
The magical lines for WebSockets, in nginx.conf, are:
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
I understand that "Upgrade" is a special "hop-by-hop" header which has to be explicitly configured to be kept.
I hope there is a similar solution for Apache, but man, there is so few documentation about this!
I've got a web app running on localhost:3000. I also have an apache server. I would like to reverse proxy the apache server so that requests to /mywebapp get forwarded to the server running on localhost:3000.
I currently have the following config at the bottom of my httpd.conf file, but I'm getting a server error when I try to access it:
ProxyPass /mywebapp http://localhost:3000
ProxyPassReverse /mywebapp http://localhost:3000
Edit - further details:
I'm running a jetty server with java -jar myapp.jar. I'd like to forward requests to an apache server listening on :80 to the jetty server.
I've got mod_proxy_http.so and mod_proxy.so enabled.
I can tell the server is running on localhost - it responds to curl with the appropriate http response. So I'm pretty sure the issue is with my apache setup, but I can't think what the problem would be.
Apache conf file in conf.d for reference: http://pastebin.com/vhXwjbQe
And I've got this in my httpd.conf:
Include conf.d/*.conf
It's hard to give a generic answer because every situation is different so here are some debugging questions to ask yourself:
if the protocol and port correct on the internal service, http and 3000.
Is the service actually listening for connections from localhost? is it running in a docker container etc that would require it to be listening on a different interface? You can check for this by looking at the output from mywebapp's logs and see if the request are making it through the proxy.
Do the paths on the internal service include the prefix that is being passed to Apache or does apache need to strip these off. if for instance mywebapp expects the path "/foo/bar" and apache's reverse proxy is sending it with the context path included "/mywebapp/foo/bar" then it will not match any path in mywebapp.
I have a uwsgi server running for unix domain socket
[uwsgi]
...
socket = /var/run/someuwsgi.sock
socket = localhost:9987
...
The mod_proxy_uwsgi is installed
In apache config has that line:
ProxyPass /some uwsgi://localhost:9987
And it is working.
Question: what should be the apache config line to go through unix domain socket
/var/run/someuwsgi.sock
?
I tried
ProxyPass /some uwsgi:///var/run/someuwsgi.sock
and got
Bad Request
Your browser sent a request that this server could not understand.
Also tried
ProxyPass /some uwsgi://unix:///var/run/someuwsgi.sock
and got
Proxy Error
The proxy server received an invalid response from an upstream server.
The proxy server could not handle the request GET /some/.
Reason: DNS lookup failure for: unix:
Thanks!
Starting from Apache 2.4.7, support for Unix sockets has been added. The syntax is pretty simple:
ProxyPass / unix:/tmp/uwsgi.sock|uwsgi://
Unfortunately the apache proxy api does not (currently) support unix sockets
From the comments on the other answer and my experience this seems to be the correct syntax:
ProxyPass /some unix:/var/run/someuwsgi.sock|uwsgi://localhost
https://httpd.apache.org/docs/trunk/en/mod/mod_proxy.html#proxypass
In 2.4.7 and later, support for using a Unix Domain Socket is available by using a target which prepends unix:/path/lis.sock|. For example, to proxy HTTP and target the UDS at /home/www.socket, you would use unix:/home/www.socket|http://localhost/whatever/. Since the socket is local, the hostname used (in this case localhost) is moot, but it is passed as the Host: header value of the request.
I have successfully implemented the two different jboss 5 instaces with Apache HTTP Server and can access the application through the HTTP server (i.e. http://localhost:8089) where my http server is listening on port 8089 This was the smooth case. But when talking about HTTP Secured layer have enabled the Apache HTTP SSL by following the steps provided on this page and on default secure port (i.e. 443) now i can access the HTTP Server from secure layer by url: https://localhost/. But when i hit my jboss application, I ended up with following error in browser:
Not Found
The requested URL /myApp was not found on this server.
can anyone let me know how to deal with this?
Thanks