Unable to connect via android app through Apache reverse proxy on ssl

Community Support Mobile Apps
1

Greetings,

I have been stuck with this for 2 days now and I cannot figure out what is going on. My Stats:

Server:
CentOS Linux release 7.8.2003 (Core)
8 GB RAM
4 CPU
160GB HDD

Software:
Latest VestaCP Control Panel
Apache/2.4.6 (CentOS) with Reverse Proxy (following the tutorial)
Latest Rocket Chat (following the tuorial)

My Apache Configs look like this:

Site config:

<VirtualHost *:443>

    ServerName chat.serversmadeeasy.com
    ServerAdmin support@serversmadeeasy.com

    LogLevel info
    CustomLog /var/log/httpd/domains/chat.serversmadeeasy.com.bytes bytes
    CustomLog /var/log/httpd/domains/chat.serversmadeeasy.com.log combined
    ErrorLog /var/log/httpd/domains/chat.serversmadeeasy.com.error.log
    TransferLog /var/log/httpd/domains/chat.serversmadeeasy.com.access.log

    SSLEngine on
    SSLVerifyClient none  #with or without this made no difference
    SSLCertificateFile /home/admin/conf/web/ssl.chat.serversmadeeasy.com.crt
    SSLCertificateKeyFile /home/admin/conf/web/ssl.chat.serversmadeeasy.com.key
    SSLCertificateChainFile /home/admin/conf/web/ssl.chat.serversmadeeasy.com.ca

    <Location />
        Require all granted
    </Location>

    RewriteEngine On
    RewriteCond %{HTTP:Upgrade} =websocket [NC]
    RewriteRule /(.*)           ws://localhost:3000/$1 [P,L]
    RewriteCond %{HTTP:Upgrade} !=websocket [NC]
    RewriteRule /(.*)           http://localhost:3000/$1 [P,L]

    SSLProxyEngine on #Without this I was getting ssl errors
    ProxyPassReverse /          http://localhost:3000/

</VirtualHost>

Any my module config:

    ## This file configures all the proxy modules:
    LoadModule proxy_module modules/mod_proxy.so
    #LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
    #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
    #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
    #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
    #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
    #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
    #LoadModule proxy_connect_module modules/mod_proxy_connect.so
    #LoadModule proxy_express_module modules/mod_proxy_express.so
    #LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
    #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
    #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
    LoadModule proxy_http_module modules/mod_proxy_http.so
    #LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
    LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so

And I get a valid response.
I also get a valid response from the api

curl https://chat.serversmadeeasy.com/api/info
{"version":"3.3.3","success":true}

Yet, when I try and log into the andoid app, it gets me to the login, I enter my info, and it does nothing. If I put in the wrong info, it tells me it is wrong, if I create a user, it creates it, but for what ever reason, I cannot log into the app at all.

Any help would be appreciated.

2

As a new user, being able to only post 2 links, when half the supporting documentation holds a lot more makes this process a bit of a pain…

More Info

I have tested websocket with the following code:

curl --include \
       --no-buffer \
       --header "Connection: Upgrade" \
       --header "Upgrade: websocket" \
       --header "Host: chat.serversmadeeasy.com" \
       --header "Origin: https ://chat.serversmadeeasy.com" \
       --header "Sec-WebSocket-Version: 13" \
       https ://chat.serversmadeeasy.com

And get a valid response (spaces in URL to prevent the “New User can only post 2 links” error)

3

My Service is started with this code:

[Unit]
Description=The Rocket.Chat server
After=network.target remote-fs.target nss-lookup.target nginx.target mongod.target
[Service]
ExecStart=/usr/local/bin/node /opt/Rocket.Chat/main.js
StandardOutput=syslog
StandardError=syslog
SyslogIdentifier=rocketchat
User=rocketchat
Environment=MONGO_URL=mongodb://localhost:27017/rocketchat?replicaSet=rs01 MONGO_OPLOG_URL=mongodb://localhost:27017/local?replicaSet=rs01 ROOT_URL=https://chat.serversmadeeasy.com/ PORT=3000
[Install]
WantedBy=multi-user.target
4

My access log looks like this (with all 200 codes)

104.249.228.96 - - [18/Jun/2020:15:37:16 +0200] "GET /websocket HTTP/1.1" 200 65536
142.44.210.204 - - [18/Jun/2020:15:37:16 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:16 +0200] "GET /websocket HTTP/1.1" 200 65536
142.44.210.204 - - [18/Jun/2020:15:37:17 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:17 +0200] "GET /websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:09 +0200] "POST /sockjs/419/_zjbqvw9/xhr HTTP/1.1" 200 24
104.249.228.96 - - [18/Jun/2020:15:37:26 +0200] "POST /sockjs/419/_zjbqvw9/xhr_send HTTP/1.1" 204 -
142.44.210.204 - - [18/Jun/2020:15:37:27 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:27 +0200] "GET /websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:28 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:28 +0200] "GET /websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:38 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:37 +0200] "GET /websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:38 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:38 +0200] "GET /websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:26 +0200] "POST /sockjs/419/_zjbqvw9/xhr HTTP/1.1" 200 263
104.249.228.96 - - [18/Jun/2020:15:37:40 +0200] "POST /api/v1/login HTTP/1.1" 200 791
104.249.228.96 - - [18/Jun/2020:15:37:40 +0200] "POST /sockjs/419/_zjbqvw9/xhr HTTP/1.1" 200 10813
142.44.210.204 - - [18/Jun/2020:15:37:41 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:41 +0200] "GET /websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:48 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:48 +0200] "GET /websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:49 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:49 +0200] "GET /websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:40 +0200] "POST /sockjs/419/_zjbqvw9/xhr HTTP/1.1" 200 24
104.249.228.96 - - [18/Jun/2020:15:37:56 +0200] "POST /sockjs/419/_zjbqvw9/xhr_send HTTP/1.1" 204 -
142.44.210.204 - - [18/Jun/2020:15:37:59 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
142.44.210.204 - - [18/Jun/2020:15:37:59 +0200] "GET /wss://localhost:3000/websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:59 +0200] "GET /websocket HTTP/1.1" 200 81171
104.249.228.96 - - [18/Jun/2020:15:37:59 +0200] "GET /websocket HTTP/1.1" 200 81171
5

Forgot to mention, android app version is 4.7.2.2126

6

Did you ever get this figured out?

I’m having the same exact problem, but I am using nginx. Tried several configs, including the documented nginx configuration.

Obviously connection is good because it won’t accept incorrect login credentials. So it seems to break somewhere after entering correct credentials.