RemoteViz uses WebSocket protocol to make possible the communication between the client and the service. Without any web servers between the client and the RemoteViz service, a WebSocket connection can be established smoothly. However, in production environments, the web page requests are handled by a web server and only the web server port (port 80 by default) is open from the outside in order to guarantee security. To use the same port and domain for the HTTP requests and the Websocket requests, the websocket traffic has to be routed through the web server. This document explains how to configure NGinx server as reverse proxy to handle web page requests and websocket traffic over the same port and domain.
For Microsoft Windows: http://nginx.org/en/docs/windows.html
For Unix systems: http://nginx.org/en/docs/install.html
Without Secure Sockets Layer (SSL) encryption:
server { listen 80; root /home/mysite; index index.html index.htm; # Replace "yourdomain" by your public domain name server (DNS) server_name yourdomain; # Route websocket to the RemoteViz Service location /RemoteViz { # Replace "remoteviz_service_ip" by the RemoteViz service IP address proxy_pass http://remoteviz_service_ip:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } }
With Secure Sockets Layer (SSL) encryption:
server { listen 443 ssl; # Set the path to the public certificate file ssl_certificate /etc/ssl/certs/ssl-cert.crt; # Set the path to the private key file ssl_certificate_key /etc/ssl/private/ssl-private.key; # Redirect all non-SSL traffic to SSL. if ($ssl_protocol = "") { rewrite ^ https://$host$request_uri? permanent; } root /home/mysite; index index.html index.htm; # Replace "yourdomain" by your public domain name server (DNS) server_name yourdomain; # Route secure websocket to the RemoteViz Service location /RemoteViz { # Replace "remoteviz_service_ip" by the RemoteViz service IP address proxy_pass https://remoteviz_service_ip:8080; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } }
Note: Some SSL providers will provide an Intermediate Certificate to use. You have to append it with our public SSL certificate.
theRenderArea.connectTo("ws://127.0.0.1:8080/RenderAreaName");
by the line for using non-SSL:
theRenderArea.connectTo("ws://yourdomain/RemoteViz/RenderAreaName");
or by the line for using SSL:
theRenderArea.connectTo("wss://yourdomain/RemoteViz/RenderAreaName");