UCP websocket secure behind a reverse proxy

ElVinzou · April 6, 2020, 9:26am

Hi everyone,

I’m running a freepbx in a kubernetes environement and everything works fine except the phone embedded in UCP, and from what I can see it seems it’s trying to use a non secured web socket :
VM34:39 Mixed Content: The page at 'https://example/' was loaded over HTTPS, but attempted to connect to the insecure WebSocket endpoint 'ws://example:8088/ws'. This request has been blocked; this endpoint must be available over WSS.

The UCP is behind a reverse proxy which take care of handling HTTPS and forward it to freepbx as plain HTTP, and I guess that’s the reason why freepbx tries to use a non secure websocket (maybe I’m wrong ?). I have all the certificates required to do some secure web socket on the freepbx server as well (I’ve added them in the certificate manager as shown in the documentation), is there any way I can force freepbx to use wss even if the client seems to come in HTTP ?

Thanks a lot,

cynjut · April 13, 2020, 3:42pm

This should be a commercial support ticket, since it’s all commercial software.

A possible (in fact, theoretical) solution would be to configure UCP to use the wss:. I know we’ve discussed it here before, but that’s as deep as I can go with you.

lgaetz · April 13, 2020, 3:57pm

Dave, this is all OSS. The UCP and WebRTC modules are AGPLv3+ and GPLv3+ respectively.

ElVinzou · April 14, 2020, 7:05am

Hi,

Thanks for the reply, just to let you know I’ve managed to make it work by forcing the reverse proxy to use HTTPS instead of HTTP. It’s far from ideal but at least it works.

Thanks anyway !

system · May 15, 2020, 7:05am

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.