Skip to content

Instantly share code, notes, and snippets.

@steve-ng

steve-ng/nginx.conf

Last active May 28, 2024 08:27
Show Gist options
  • Save steve-ng/ed6de1fa702ef70bd6ce to your computer and use it in GitHub Desktop.
Save steve-ng/ed6de1fa702ef70bd6ce to your computer and use it in GitHub Desktop.
Download ZIP
Nginx reverse proxy wss with ssl
Raw
nginx.conf
server {
listen 443 ssl;
server_name xxx.xx.io
ssl on;
ssl_certificate /etc/asterisk/certs/xxx.io.pem;
ssl_certificate_key /etc/asterisk/certs/xxx.io.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
#prevent 502 bad gateway
#large_client_header_buffers 8 32;
location / {
# prevents 502 bad gateway error
proxy_buffers 8 32k;
proxy_buffer_size 64k;
# redirect all HTTP traffic to localhost:8088;
proxy_pass http://0.0.0.0:8088/ws;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-NginX-Proxy true;
# enables WS support
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 999999999;
}
}
@imohammedzen
Copy link

You might want to remove SSLv2 SSLv3 from ssl_protocols :)

@twelvew12
Copy link

Hi
Please help me with the settings provided by you. All IPs 127.0.0.1 are returned ?

@twelvew12
Copy link

Please help me

@marcmaceira
Copy link

Recommended changes for line 12:
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

@tobyh-g
Copy link

tobyh-g commented May 22, 2020

Thanks for this. Your config had the missing key for my issue!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment