Comments (24)
In general I would put centrifugo behind a reverse proxy, like nginx for instance - that allows you greater flexibility, so you can host other things on the same server, and use the standard SSL port.
That said, I can send in a PR with TLS support, so you can use your certificate for centrifugo.
from centrifugo.
Hello, we are running Centrifugo behind Nginx. And it's strongly recommended to run Centrifugo behind Nginx or sth similar. So we just configure SSL in Nginx configuration - see commented ssl directives in configuration example.
Also I can add TLS built in (http://golang.org/pkg/net/http/#ListenAndServeTLS) - this requires some work but you will be able to run Centrifugo providing cert.pem
and key.pem
files. Is it necessary or you can go with Nginx?
from centrifugo.
Thanks !
Oh it can be good feature if by default centrifugo listen on http and https just by editing the configuration. See this example : https://www.elastic.co/guide/en/elasticsearch/client/javascript-api/current/auth-reference.html
I will try to configure nginx.
from centrifugo.
I have many app on same server running on Apache Do you have any configuration to use apache to serve https for centrifugo?
from centrifugo.
@klauspost thanks a lot! @yagobski I will make new 0.2.2 release later today
from centrifugo.
Thank you @klauspost @FZambia ! Centrifugo is really awesome. I will wait for your release.
from centrifugo.
How you do to compile from source Centrifugo?
from centrifugo.
If you mean how I create binary releases then see release.sh
(https://github.com/centrifugal/centrifugo/blob/master/release.sh)
It requires Go installed, also godep
and gox
tools.
If you have Go installed then something like this should do a work:
git clone https://github.com/centrifugal/centrifugo.git
cd centrifugo
go get go get github.com/tools/godep
godep restore
go get github.com/mitchellh/gox
./release.sh 0.2.1
Not tested steps above though - maybe forgot something
from centrifugo.
@yagobski v0.2.2 released!
from centrifugo.
Thank u very much !
from centrifugo.
I install the new release all start fine but i can't connect anymore :
client will connect to SockJS endpoint
centrifuge.js:684 Status disconnected -> connecting
centrifuge.js:684 Send Object {method: "connect", params: Object, uid: "1"}method: "connect"params: Objectinfo: ""project: "TEST"timestamp: "1435309309"token: "440add23d87ed14ed0b94b215bf5c931"user: "225"proto: Objectuid: "1"proto: Object
centrifuge.js:684 Status connecting -> disconnected
from centrifugo.
Maybe this helps:
http://stackoverflow.com/questions/18637730/how-to-use-secure-websockets-with-sock-js
from centrifugo.
even with wss://xxx:8000/connection/websocket it not working
from centrifugo.
Anything in the "network" tab in Chrome that could help?
from centrifugo.
No error just for websocket i get 101 Switching Protocols
["{"method":"connect","params":{"user":"225","project":"TEST","info":"","timestamp":"1435310324","token":"14f7d5211a2cf388bda172a7456b1b"},"uid":"3"}"]
from centrifugo.
Sorry i get this error now : :8000/connection/info?t=1435311061415 net::ERR_INSECURE_RESPONSE17.r._start @ sockjs.min.js:2(anonymous function) @ sockjs.min.js:2
from centrifugo.
http://stackoverflow.com/questions/23688565/failed-to-load-resource-neterr-insecure-response
As you are using self signed certificate you should open https://centrifuge_address:8000/connection/info in browser tab and allow ssl connection
from centrifugo.
it is the bundle certificat problem. Any why to add --bundle to complete ssl configuration?
On MAC OS if there is no bundle certificate sometime it make this error. but it is not the issue about my problem. Thanks for your help i will try to found on internet and comeback.
from centrifugo.
Don't understand what you mean under bundle certificate problem
?
Just created self signed certificate using instruction from https://devcenter.heroku.com/articles/ssl-certificate-self , then opened https://localhost:8000/connection/info
in chrome and allowed ssl connection. Both ws
and sockjs
endpoints work fine. And I am using Mac OS too.
from centrifugo.
Sometime when i use safari on mac i have this error :
WebSocket network error: OSStatus Error -9807: Invalid certificate chain
I have valid certificat from Comodo. Works fine most of the time but sometime in safari i get this error on different laptop.
I resolve this problem for my app using apache by adding the bundle package. But with centrifugo i can't pass the bundle file.
SSLEngine on
SSLCertificateKeyFile /etc/apache2/ssl/private.key
SSLCertificateFile /etc/apache2/ssl/xxx.com.crt
SSLCertificateChainFile /etc/apache2/ssl/xxx.com.ca-bundle
I want to pass this param SSLCertificateChainFile to centrifugo.
Thanks in advance
from centrifugo.
I am not an expert in tls configuration - but maybe that chain file can be concatenated into cert file which Centrifugo accepts - see last messages in this thread https://groups.google.com/forum/m/#!topic/golang-nuts/TnwfKyotEIY - sounds similar, can it help?
from centrifugo.
Yes it works thanks
2015-07-06 18:21 GMT+02:00 Alexandr Emelin [email protected]:
I am not an expert in tls configuration - but maybe that chain file can be
concatenated into cert file which Centrifugo accepts - see last messages in
this thread
https://groups.google.com/forum/m/#!topic/golang-nuts/TnwfKyotEIY -
sounds similar, can it help?—
Reply to this email directly or view it on GitHub
#27 (comment)
.
from centrifugo.
Nice! You are welcome, I will appreciate if you write full receipt how to build such certificate here - can be useful for someone in future
from centrifugo.
Sure. It is very easy I just create new centrifugo.crt file and i have put
the original crt content + bundle content in the same file.
I call it like this :
--ssl --ssl_cert=/etc/apache2/ssl/centrifugo.crt
--ssl_key=/etc/apache2/ssl/private.key
2015-07-06 19:01 GMT+02:00 Alexandr Emelin [email protected]:
Nice! You are welcome, I will appreciate if you write full receipt how to
build such certificate here - can be useful for someone in future—
Reply to this email directly or view it on GitHub
#27 (comment)
.
from centrifugo.
Related Issues (20)
- [feature] Precalculated presence stats counters in store HOT 8
- [feature] Add support for Ed25519 signature JWS HOT 2
- [bug] Channel Regex for Namespace cuased Null Pointer Exception HOT 2
- [feature] Add AMQP (RabbitMQ) support in async consumers API HOT 7
- [feature removal] Remove SockJS transport
- [feature] Improve health check by checking redis connection HOT 6
- [bug] The ID specified in XADD is equal or smaller than the target stream top item HOT 5
- [bug] getting "already subscribed" on page refresh HOT 3
- [feature] Silently Reject Publish Attempts on Proxied Channel Without Sending Client Errors HOT 4
- [question] What are the ways of decreasing the message payload? HOT 1
- [feature] Better error message when subscription token is used as connection token
- Unable To Connect With anonymous mode HOT 4
- [feature] serve admin interface via http2 HOT 4
- [feature] Send server time in initial connect response. HOT 2
- [question] Upgrading to 4.1.5 increase in response time HOT 3
- "Websocket Is Closed Before The Connection Is Established" - Web console error HOT 8
- [feature] Support for MessagePack Serialization HOT 2
- How to add multyple aud for a token in config file HOT 1
- [question] History StreamPosition and circular offsets. HOT 7
- [question] Centrifugo customization HOT 13
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from centrifugo.