Hi, I noticed that I cannot establish a WS(S) connection to the Node-Red dashboard in LAN, nor with my reverse proxy (which always gives me a 400 error):
This is my Nginx conf:
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name venus.xy.de;
ssl_certificate /etc/letsencrypt/live/xy/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xy/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
location /socket.io/ {
proxy_pass https://192.168.168.7:1881;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
proxy_ssl_verify off;
}
location / {
proxy_pass https://192.168.168.7:1881;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_ssl_verify off;
auth_basic "Restricted Access";
auth_basic_user_file /etc/nginx/passw;
}
}
proxy.conf:
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 90;
proxy_connect_timeout 90;
proxy_send_timeout 90;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header X-Robots-Tag "none" always;
Is it not possible to establish a ws(s) connection using my own certificates ?