[Nfd-dev] Secure websocket support in NFD?
Junxiao Shi
shijunxiao at email.arizona.edu
Tue Jan 27 21:33:25 PST 2015
Dear folks
It's quite easy to add a wss=>ws proxy. Here's how:
1. Assume you already have a working HTTPS website on nginx.
2. Edit /etc/nginx/sites-enabled/https-site
Put the following at the top of this file:
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
Put the following inside 'server' section:
location /NFD {
proxy_pass http://[2001:db8::1]:9696;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
Substitute 2001:db9::1 with the IP address of NFD. I only tested IPv6.
3. Edit ndn.js:
Look for 'new WebSocket', and change the parameter into:
connectionInfo.wsuri || ('ws://' + connectionInfo.host + ':' +
connectionInfo.port)
4. Edit web app:
Change "new Face({ host:'nfd.example.com', port:9696 })" to "new Face({
wsuri:'wss://secure.example.com/NFD' })".
Yours, Junxiao
On Fri, Jan 23, 2015 at 1:46 PM, Junxiao Shi <shijunxiao at email.arizona.edu>
wrote:
> Hi Jeff
>
> An alternate to NFD serving wss directly is to add a frontend
> TLS=>TCP/HTTP proxy, such as STunnel or nginx.
> But I'm not sure how to configure those.
>
> Yours, Junxiao
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/nfd-dev/attachments/20150127/4c748496/attachment.html>
More information about the Nfd-dev
mailing list