Setting up SSL on Tomcat


#1

My domain https://afghanchat.net

My web server is (include version):Apche 2.2 and Tomcat

The operating system my web server runs on is (include version): Ubuntu 16

Hello Everyone,
First of all I thank you guys for providing such a usefull service,

My Issue,
I have installed SSL for Apache, and I am hosting a Chatserver script which is run by Tomcat,
SSL is installed and working perfectly on Webserver,
I need to configure tomcat to use the same certificate, bcoz Some websocket protocol needs to be secured too,
can someone tell me how to use the same certificate which is already installed on Apche?
thank you for your time


#2

You are on Apache httpd 2.4, not 2.2.

You will probably want to use https://httpd.apache.org/docs/2.4/mod/mod_proxy_wstunnel.html to proxy the websockets through your Apache server (via secure wss:// connections), the same way you are already proxying httpd->Tomcat.

There shouldn’t be any need to do any extra configuration for certificates.


#3

Thank you for your reply,
The chatserver is running html5 and flash, the flash is working fine and yes indeed the WS is creating problem with Mix content error, so the browsers are blocking the WS connection, it should be WSS,
I have hired a developer to fix the issue via proxy tunnel but he wasnt able to fix the issue

Edit:
I am not sure if its allowed here or not, but is there any payed developer who is willing to fix this issue ?


#4

I downloaded 123 Flash Chat 10.0 to try see what’s going on.

As far as I can tell, the ws:// part of ws://afghanchat.net:35555/websocket is fully hardcoded in minified JavaScript, as part of the HTML Chat client.

The software does not appear provide a way to customize the protocol in a clean way.

Even the demo on the marketing site “cheats” and redirects to an insecure origin.

You could try and replace ws:// with wss://, setup a a secure reverse proxy on another port, and change the client to that secure port, but it would be a hack.

Perhaps you can reach out to the developers and ask them to properly support SSL - or change to another chat package.


#7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.