Hi!
I am trying to deploy a Seaside application that uses Zinc's websockets. I use nginx and I have a TLS certificate for the application so I need to use secure websockets (wss://) and not simple websockets (ws://). I got a problem because the client could not access to the server because it was failing the handshake. I could make it work by using nginx to manage the certificate. But I was wondering if it would be possible with Zinc to give the access to the certificate to manage the connection instead of doing it via nginx. Is it possible to do this? Thanks in advance. -- Cyril Ferlicot https://ferlicot.fr |
Hi Cyril,
You can run a ZnSecureServer with a specific certificate. See the class comment. But, this is a bit experimental, you need a very specific certificate and I have only seen it work on Linux. If you front you Seaside app with Nginx, I assume you are doing HTTPS -> HTTP in Nginx. I would suggest you try doing WWS -> WS as well. This does mean that connections are kept open of course (implicit in WebSockets). I have not yet done this myself, but it should work theoretically. The thing is, you will find 100x more info on (correct) TLS/SSL setup on Nginx, and app proxying is totally accepted today. Please let us know how it goes ;-) Sven > On 2 May 2018, at 16:21, Cyril Ferlicot D. <[hidden email]> wrote: > > Hi! > > I am trying to deploy a Seaside application that uses Zinc's websockets. > > I use nginx and I have a TLS certificate for the application so I need > to use secure websockets (wss://) and not simple websockets (ws://). > > I got a problem because the client could not access to the server > because it was failing the handshake. > > I could make it work by using nginx to manage the certificate. But I was > wondering if it would be possible with Zinc to give the access to the > certificate to manage the connection instead of doing it via nginx. Is > it possible to do this? > > Thanks in advance. > > -- > Cyril Ferlicot > https://ferlicot.fr > |
On 02/05/2018 16:29, Sven Van Caekenberghe wrote:
> Hi Cyril, > Thank you for the infos and the fast reply :) > You can run a ZnSecureServer with a specific certificate. See the class comment. But, this is a bit experimental, you need a very specific certificate and I have only seen it work on Linux. > Good to know! > If you front you Seaside app with Nginx, I assume you are doing HTTPS -> HTTP in Nginx. I would suggest you try doing WWS -> WS as well. This does mean that connections are kept open of course (implicit in WebSockets). I have not yet done this myself, but it should work theoretically. > This is what I do now and it works fine. I just wanted to know if there was an alternative to write it in the documentation of the project (since it will be open source). > The thing is, you will find 100x more info on (correct) TLS/SSL setup on Nginx, and app proxying is totally accepted today. > Ok, so I'll probably just give an example with nginx in the documentation :) > Please let us know how it goes ;-) > > Sven > > -- Cyril Ferlicot https://ferlicot.fr |
Sorry for the OT but I interested in how you're using WebSockets and Seaside. Can you share how are you mix them together? On Wed, May 2, 2018 at 11:40 AM Cyril Ferlicot D. <[hidden email]> wrote: On 02/05/2018 16:29, Sven Van Caekenberghe wrote: |
Le 06/05/2018 à 20:46, Francisco Ortiz Peñaloza a écrit :
> Sorry for the OT but I interested in how you're using WebSockets and > Seaside. > > Can you share how are you mix them together? > Hi, We do it in this project: https://github.com/TelescopeSt/TelescopeCytoscape This project allow to create a model of visualization (nodes and their contents, layouts, interactions, and update mechanism) then to render it with the CytoscapeJs visualization framework. The Seaside part is really small. We just use Seaside to render an empty div and initialize a cytoscape visualization inside. We could probably do without Seaside but we did this project for a Seaside application. (And we use the existing callbacks mechanism) During the rendering we open a web socket and we generate the initial cytoscape visualization inside the empty div generated by Seaside. Then when the user interact with the visualization, it communicates the interactions via the web socket to the Pharo server and if it should impact the visualization, commands to do so are sent via the websocket to the client. In this project the main part for the websocket management are: - TLCytoscapeComponent : The Seaside component registering the visualization (https://github.com/TelescopeSt/TelescopeCytoscape/blob/development/src/Telescope-Cytoscape/TLCytoscapeComponent.class.st) - TLCytoscapeWebSocketDelegate : The class managing the websocket server side (https://github.com/TelescopeSt/TelescopeCytoscape/blob/development/src/Telescope-Cytoscape/TLCytoscapeWebSocketDelegate.class.st) - CYSFileLibrary>>cytoscapeTelescopeJs : The javascript managing the socket client side (https://github.com/TelescopeSt/TelescopeCytoscape/blob/development/src/Telescope-Cytoscape-Libraries/CYSFileLibrary.class.st#L539) If you need more details just ask :) -- Cyril Ferlicot https://ferlicot.fr signature.asc (836 bytes) Download Attachment |
Free forum by Nabble | Edit this page |