How can I specify multiple ssl ports? My use case is that I am enabling nodejs server and need a secure port [#2694739]

I setup Aegir
I have Ip based ssl working and I can switch to SNI based also. So the site is ssl
I want to run a nodejs server on my machine
The nodejs server needs its own separate port
To avoid blocking of non-http content being served on a https page, I would like to deliver nodejs via https.
But there is not a way for me to specify multiple ports

Comments

Comment #1

26 March 2016 at 12:42

SocialNicheGuru created an issue.

Comment #2

SocialNicheGuru CreditAttribution: SocialNicheGuru commented 26 March 2016 at 14:03

I can't get this to work:

nodejs is running on mysite.com:9110
mysite.com is ssl enabled and required to be ssl

I opened vhost.d/mysite.com file and modified it

  <VirtualHost IP:443>
  
    DocumentRoot /var/aegir/hostmaster-7.x-3.x 
      
    ServerName hosting.socialnicheguru.com
    SetEnv db_type  mysql
    SetEnv db_name  name
    SetEnv db_user user
    SetEnv db_passwd  pword
    SetEnv db_host  localhost
    SetEnv db_port  3306
    # Enable SSL handling.
     
    SSLEngine on

    SSLCertificateFile /var/aegir/config/server_master/ssl.d/mysite/openssl.crt
    SSLCertificateKeyFile /var/aegir/config/server_master/ssl.d/mysite.com/openssl.key
    SSLCertificateChainFile /var/aegir/config/server_master/ssl.d/mysite.com/openssl_chain.crt  

  ServerAlias www.mysite.com

  #Nodejs ssl implementation
  # sudo a2enmod proxy 
  # sudo a2enmod proxy_html
  ProxyPreserveHost On

  <Proxy *>
    Order allow,deny
    Allow from all
  </Proxy>
  ProxyPass /socket.io/socket.io.js https://mysite:9110/socket.io/socket.io.js

...

I cannot get this to work. Am I thinking about this all wrong?
i get internal error

Comment #3

MartijnBraam CreditAttribution: MartijnBraam as a volunteer commented 30 March 2016 at 12:42

This is an example from my Apache config with a Nodejs server:

ProxyPass /eventsource http://127.0.0.1:8088/eventsource
ProxyPassReverse /eventsource http://127.0.0.1:8088/eventsource

This assumes your node server doesn't handle SSL itself. Apache handles the SSL connection and the communication (on localhost) between apache and nodejs is plain text (but looks ssl from the client side)

If your nodejs server does actually has it's own SSL termination then you replace http with https in my example code (And you need to check if your apache accepts the SSL cert on your nodejs server)

Comment #4

SocialNicheGuru CreditAttribution: SocialNicheGuru commented 30 March 2016 at 15:04

are you running the nodejs server remotely or on your machine.
I take it that since its '127.0.0.1' that you are running it on your machine.

Comment #5

ergonlogic

he/him

English

Montréal, Québec 🇨🇦

CreditAttribution: ergonlogic at Ergon Logic Enterprises for Aegir Cooperative commented 13 April 2016 at 06:51

BTW, you can implement drush_hook_provision_apache_vhost_config() to have such config injected into the site's vhost. There are equivalent hooks for platforms or servers too.