Feature request: Reverse proxy support for encrypted websockets

gilles

Active Member
#1
Websites and apps use important data use SSL nowadays. A lot of apps use websockets for real-time communication with their backend. An https app cannot use unencrypted websockets, as it would be unsafe and most modern browsers do not allow it.

A fair number of people run their apps behind Apache / Nginx servers using them as reverse proxies, to benefit from their stability and protections. There is a fair chance more people would give LiteSpeed a chance if its reverse proxy supported encrypted websockets.

I would like to request this feature and hear if it is on the near-future roadmap.
 

gilles

Active Member
#3
Or maybe I am misunderstanding and I can have an encrypted websocket connection between the client and OLS, and an unencrypted websocket connection between OLS and the backend server? It seems unlikely but I could be mistaken. I'm a newbie at reverse proxying.
 

gilles

Active Member
#4
Just re-read the LiteSpeed server documentation:
LiteSpeed currently can only offload SSL and forward to the backend using ws://. wss:// is not currently supported, and there are no plans to make it available soon. If you must, you could try an SSL tunnel. LiteSpeed communicates with the SSL tunnel via ws://, the SSL tunnel adds SSL encryption, and then the tunnel communicates with the backend via wss://.
and indeed I misunderstood.

It would be great if this little note is added to the OLS wiki pages related to reverse proxying (assuming the same is indeed true for OLS).
 
Top