[Interest] wss:// on localhost

[Alexander Carôt]

> what about setting up a proxy/loadbalancer like nginx/haproxy and let him do the ssl termination?
> and hide the backend completly, that is, let frontend communicate only with the proxy/lb?
> why not connect via ssl always?

The websocket server is part of an application each user downloads to his/her machine so we basically have no control over this. For several other reasons we want to make sure that the traffic between app and browser does not leave localhost or in some cases the LAN. 

Best

Alex


--
http://www.carot.de
Email : Alexander at Carot.de
Tel.: +49 (0)177 5719797


> Gesendet: Dienstag, 28. Juli 2020 um 08:21 Uhr
> Von: "alexander golks" <alex at golks.de>
> An: interest at qt-project.org
> Betreff: Re: [Interest] wss:// on localhost
>
> Am Tue, 28 Jul 2020 08:05:46 +0200
> schrieb Alexander Carôt <alexander_carot at gmx.net>:
> 
> > Hallo Marten,
> > 
> > thanks for your additionl reply !
> > 
> > There are two reasons why I have to use a secure websocket:
> > 
> > 1.) In some cases our website connects to our app not on localhost but some other place on the LAN.
> > 
> > 2.) Our site is part of a CMS-based project which per default runs with SSL. Changing the specific sites to no-SSL (http) and the corresponding ws leades to mixed content often ignored by the browser.
> > 
> 
> what about setting up a proxy/loadbalancer like nginx/haproxy and let him do the ssl termination?
> and hide the backend completly, that is, let frontend communicate only with the proxy/lb?
> why not connect via ssl always?
> 
> -- 
> /*
>  *  raw_printk("Oops: bitten by watchdog\n");
>  *    linux-2.6.19/arch/cris/arch-v32/kernel/time.c
>  */
> _______________________________________________
> Interest mailing list
> Interest at qt-project.org
> https://lists.qt-project.org/listinfo/interest
>