Setup nginx to allow WebSocket(wss) connection

References

  • https://betterstack.com/community/questions/nginx-to-reverse-proxy-websockets-and-enable-ssl/
  • https://serverfault.com/a/923254

Check nginx support SSL

nginx -V 2>&1 | grep --color ssl

If grep doesn't return any results, then you have to install package that include SSL or compile --with-http_ssl_module option.

Get SSL/TLS Cerfiticate

You need SSL/TLS certificates for you domain to enable wss://protocol. Use certbot to get the certificate.

certbot --nginx -d yourdomain.com

?? TODO: Where certbot store certificate.crt/.key?.

Configure Nginx for SSL and WebSocket

server {
    listen 443 ssl;
    server_name yourdomain.com;

    # SSL Configuration
    ssl_certificate /etc/nginx/ssl/yourdomain.com.crt;
    ssl_certificate_key /etc/nginx/ssl/yourdomain.com.key;

    location / {
        proxy_pass http://backend_server;  # The URL of your WebSocket server
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

Reload Nginx for the change to take effect

# Test Nginx configuration
sudo nginx -t

# Reload Nginx to apply changes
sudo systemctl reload nginx

Verify WebSocket Connection