I’m having problems with secure websockets and lighttpd proxy - the connection is closed immediately.
I’ve installed lighttpd on the server to handle SSL/TLS. It forwards all incoming traffic to localhost:9000 i.e. wss traffic is converted to ws and sent to Play.
When I’m using non-secure ws directly to port 9000 - everything works as expected. When using wss the connection is closed after connecting.
To make it very simple I have used this example:
https://github.com/alvinj/PlayFrameworkScalaWebSockets
That creates a websocket like this:
ActorFlow.actorRef { actorRef =>
logger.info("ws: calling My Actor")
SimpleWebSocketActor.props(actorRef)
}
After a lot of investigating, I found out that the lighttpd proxy appends ‘close’ to the request when passing it on to the play server. But according to the developer lighttpd this is according to protocol:
lighttpd sends
Connection: close
to backends with HTTP/1.1 requests since lighttpd does not re-use the HTTP/1.1 connection.Connection: close
indicates to the backend that keep-alive should be disabled on the connection.When lighttpd requests
Connection: close, upgrade
, lighttpd is requesting that the connection be upgraded, but if not, that the connection be serviced as HTTP/1.1 and then closed (no keep-alive).This is all proper behavior as defined by the HTTP/1.1 specifications: RFC 7230, RFC 7231, et al.
If your backend sends a response with
Connection: upgrade
andUpgrade: websocket
, then the connection has been upgraded to thewebsocket
protocol immediately following that HTTP/1.1 response. If your backend then closes the connection, that is a problem with your backend. The strace suggests that the backend is closing the connection. Continuing to ask me to debug lighttpd is illogical. Figure out why your backend is closing the connection.
So can someone help me keep the websocket open?
See the full discussion here https://redmine.lighttpd.net/boards/2/topics/9812