django channels behind https

sanderlacerda picture sanderlacerda · Sep 10, 2016 · Viewed 7.8k times · Source

Django-channels websocket was working well on a AWS server until I installed letsencript ssl. I tried another certificate but the wss is not working. I saw this online deployment that shows that channels can work behind https:

https://django-channels-example.herokuapp.com/

I followed andrewgodwin sugestions here:

https://github.com/django/channels/issues/248

I pointed daphne to port 8000:

daphne -b 0.0.0.0 vp.asgi:channel_layer --port 8000 -v 2

And I used the same port in my javascript:

chatsock = new WebSocket( ws_scheme + '://' + window.location.host + ":8000/chat" );

My nginx config:

server {
        listen 80;
        server_name mysite.com www.example.com;
        return 301 https://www.example.com$request_uri;
}

server{
        listen 443 ssl;
        server_name mysite.com www.example.com;
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        root /home/ubuntu/vp;

        access_log /var/log/nginx/guni-access.log;
        error_log /var/log/nginx/guni-error.log info;

        location /wss/ {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-for $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_pass http://0.0.0.0:8000;
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }

    location / {
        proxy_pass http://0.0.0.0:8000;
        proxy_set_header    HOST    $host;
        proxy_set_header    X-Real-IP   $remote_addr;
        proxy_set_header    X-Forwarded-for $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;
        port_in_redirect off;
        proxy_connect_timeout 300;
    }

    location ~ /.well-known {
                allow all;
        }

    location /static/ {
        alias /home/ubuntu/vp/static/;
        expires 30d;
    }
}

My browser tells that:

Firefox can’t establish a connection to the server at wss://example.com:8000/chat.

Any suggestions? Thanks.

Answer

Itamar Lavender picture Itamar Lavender · Nov 3, 2016

I would suggest changing your things as follow.

javascript:

var ws_scheme = window.location.protocol == "https:" ? "wss" : "ws";
var chatsock = new ReconnectingWebSocket(ws_scheme + '://' + window.location.host + window.location.pathname);

nginx:

server {
 listen 443 ssl;
 server_name server.domain.com;

 ssl on;
 ssl_certificate /path_to_server_certificate.crt;
 ssl_certificate_key /path_to_server_key.key;

  ## static files (path should be changed)
  location /static/ {
    autoindex off;
    alias /blabla/static/;
  }

  ## app
  location / {
    proxy_pass http://127.0.0.1:8000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    proxy_set_header Host $host;
  }

}