WebSocket connection failed with Apache reverse proxy after upgrading to Cells 4.0.4

Pydio Cells
1

Hello,

I’m running Cells behind Apache reverse proxy. Both running on the same CentOS 8 server.
The Apache is 2.4.37.

I recently upgraded from Cells 3.x to 4.0.4.
After the upgrade I’m getting an error message at the bottom of the browed UI:
Connection issue
Websocket seems to be disconnected, please make sure that the server is up and websocket connection is working.
image

This is my configuration:

The following sites are currently defined:
+---+------------------------+-------------+----------------------------+
| # |        BIND(S)         |     TLS     |       EXTERNAL URL       |
+---+------------------------+-------------+----------------------------+
| 0 | https://localhost:8181 | Self-signed | https://mypublicdomain.com |
+---+------------------------+-------------+----------------------------+

This is my Apache configuration:

<VirtualHost *:443>
        ServerName mypublicdomain.com
        AllowEncodedSlashes On
        RewriteEngine On
        SSLProxyEngine On

        ## The order of the directives matters.
        # If Cells is not running with https, consider using ws instead of wss
        ProxyPassMatch "/ws/(.*)" wss://localhost:8181/ws/$1 nocanon

        ## This rewrite condition is required if using Cells-Sync
        RewriteCond %{HTTP:Content-Type} =application/grpc [NC]
        RewriteRule /(.*) h2://localhost:8181/$1 [P,L]

        ProxyPass "/" "https://localhost:8181/"
        ProxyPassReverse "/" "https://localhost:8181/"

		ErrorLog ${APACHE_LOG_DIR}/error.log
		CustomLog ${APACHE_LOG_DIR}/access.log combined

		SSLCertificateFile /etc/letsencrypt/live/cells.example.com/fullchain.pem
		SSLCertificateKeyFile /etc/letsencrypt/live/cells.example.com/privkey.pem
		Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

When I hit https://localhost:8181, everything is working fine including the websockets.
When I hit https://mypublicdomain.com through the Apache reverse proxy, the websockets are not working. Everything was working just fine when before the Cells 3.x to 4.0.4 upgrade.

What can be the issue?

2

I’m still getting the same error after upgrading to Cells 4.0.5

3

It seems like the self-signed certificate in Cells is the issue because if I turn off TLS on the Cells and change the following lines in the Apache configuration, the websockets are working just fine:

ProxyPassMatch "/ws/(.*)" ws://localhost:8181/ws/$1 nocanon

ProxyPass "/" "http://localhost:8181/"
ProxyPassReverse "/" "http://localhost:8181/"

+---+------------------------+---- ---+----------------------------+
| # |        BIND(S)         |  TLS   |        EXTERNAL URL        |
+---+------------------------+------ -+----------------------------+
| 0 | https://localhost:8181 | No Tls | https://mypublicdomain.com |
+---+------------------------+------ -+----------------------------+

What changed in v4 to cause the websocket issue?

4

Hello,

When you activate self-signed cert, please try following params in reverse proxy settings:

  SSLProxyVerify None
  SSLProxyCheckPeerCN Off
  SSLProxyCheckPeerName Off
5

Unfortunately, adding those 3 settings in my Apache configuration don’t make any difference. The websocket error remains.

6

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.