I keep getting an error using wss:// even if I have Lets Encrypt setup. I am hoping someone could guide me to my error I cannot figure out.
I am using apache2 on Debian. I also have a working copy of Rocket Chat using wss://, and it is not causing any problems.
This is my partial apache2 used from the online docs
# Set web sockets
RewriteEngine On
RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC]
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} \bUpgrade\b [NC]
RewriteRule .* wss://127.0.0.1:8065%{REQUEST_URI} [P,QSA,L]
<Location />
Require all granted
ProxyPass http://127.0.0.1:8065/
ProxyPassReverse http://127.0.0.1:8065/
ProxyPassReverseCookieDomain 127.0.0.1 mattermost.domain.ca
</Location>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/domain.ca/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/domain.ca/privkey.pem
SSLCACertificateFile /etc/letsencrypt/live/domain.ca/chain.pem
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
Here is my partial json config
"ServiceSettings": {
"SiteURL": "https://mattermost.domain.ca",
"WebsocketURL": "",
"LicenseFileLocation": "",
"ListenAddress": ":8065",
"ConnectionSecurity": "",
"TLSCertFile": "/etc/letsencrypt/live/domain.ca/cert.pem",
"TLSKeyFile": "/etc/letsencrypt/live/domain.ca/privkey.pem",
"TLSMinVer": "1.2",
"TLSStrictTransport": false,
"TLSStrictTransportMaxAge": 63072000,
"TLSOverwriteCiphers": [],
"UseLetsEncrypt": false,
"LetsEncryptCertificateCacheFile": "./config/letsencrypt.cache",
"Forward80To443": false,
"TrustedProxyIPHeader": [
"X-Forwarded-For",
"X-Real-IP"
],
There are no errors in journalctl and no errors in the console->error logs. My let’s encrypt certificate does hold several domains, as this server holds several domains.
If I change the apache2 above and remove wss:// to ws:// there are no problems.