Https and wss cant connect to api

sfraise · August 3, 2021, 4:21pm

I got everything working over https, I’m guessing the problem was a session token mismatch going from one to the other.

However I still get WebSocket connection failed using wss://mydomain.com/parse (or any variation of the domain)

In the parse logs it says:
parse-server running on https://mydomain/parse
info: Parse LiveQuery Server starts running

Here’s my config:
{
“appId”: “myappID”,
“masterKey”: “xxx”,
“appName”: “parse-server”,
“mountPath”: “/parse”,
“port”: “1337”,
“host”: “127.0.0.1”,
“serverURL”: “https://mydomain/parse”,
“databaseURI”: “mongodb://bn_parse:[email protected]:27017/bitnami_parse”,
“cloud”: “/opt/bitnami/cloud/main.js”,
“liveQuery”: {
“classNames”: ["_User","_Role",“TestObject”]
},
“startLiveQueryServer”: “true”,
“liveQueryServerOptions”: {
“appId”: “myappID”,
“serverURL”: “wss://mydomain/parse”,
“masterKey”: “xxx”,
“logLevel”: “VERBOSE”
}
}

Here’s the client side code I’m using with the JS SDK:
Parse.initialize(‘myappID’);
Parse.serverURL = ‘https://mydomain/parse’;

let TestObject = new Parse.Object.extend(‘TestObject’);
let q = new Parse.Query(‘TestObject’);
q.equalTo(‘foo’, ‘bar’);
const results = q.find();
results.then(function(obj) {
console.log(obj);
});

let subscription = q.subscribe();
console.log(subscription);

The query works as expected and gives the results in the console. Then it’s just a bunch of websocket connection failed.

Again, I’m not using the aws loadbalancer and certificate manager ssl, I’m pointing the domain directly at the server IP and using a let’s encrypt ssl cert directly on the server created by the bitnami let’s encrypt tool that came pre-packaged in the ami. HTTPS is working as expected.

Once thing I have noticed though that is no matter what I change the serverUrl value to under liveQueryServerOptions the console error always shows WebSocket connection wss://mydomain/parse failed, even if I remove /parse, change it to the IP address or whatever and then restart parse.

I feel like I’m missing something really obvious and dumb here.

sfraise · August 3, 2021, 5:40pm

Here’s a bit from my apache access log, the string of 403’s at the end I’m assuming are the wss:// calls
64.xxx.79.xxx - - [03/Aug/2021:17:15:18 +0000] “OPTIONS /parse/classes/TestObject HTTP/1.1” 200 2
64.xxx.79.xxx - - [03/Aug/2021:17:15:18 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:18 +0000] “POST /parse/classes/TestObject HTTP/1.1” 200 245
64.xxx.79.xxx - - [03/Aug/2021:17:15:18 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:20 +0000] “OPTIONS /parse/health HTTP/1.1” 200 2
64.xxx.79.xxx - - [03/Aug/2021:17:15:20 +0000] “POST /parse/health HTTP/1.1” 200 15
64.xxx.79.xxx - - [03/Aug/2021:17:15:20 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:24 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:34 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:43 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:15:57 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:16:13 +0000] “GET /parse HTTP/1.1” 403 24
64.xxx.79.xxx - - [03/Aug/2021:17:16:21 +0000] “GET /parse HTTP/1.1” 403 24

davimacedo · August 4, 2021, 5:37pm

I guess the problem is on your load balancer listeners. Could you share the settings you have?

sfraise · August 4, 2021, 7:02pm

I’m not running a load balancer on the instance at the moment, have the domain pointed directly at the IP address.

sfraise · August 4, 2021, 7:08pm

I should also mention that in my Parse log I get the following after starting parse:
info: Parse LiveQuery Server starts running

Which is logged with this:
wss.onListen = () => {
_logger.default.info(‘Parse LiveQuery Server starts running’);
};

As far as I can tell the live query server is starting up and listening. I logged the wss server object to see what that spit out and got the following:

info: Parse LiveQuery Server starts running {“options”:{“appId”:“myappID”,“serverURL”:“wss://mydomain.com/parse”,“masterKey”:“xxx”,“logLevel”:“VERBOSE”,“server”:{"_events":{“connection”:[null,null]},"_eventsCount":5,"_connections":0,"_handle":{“reading”:false},"_usingWorkers":false,"_workers":,"_unref":false,“allowHalfOpen”:true,“pauseOnConnect”:false,“httpAllowHalfOpen”:false,“timeout”:120000,“keepAliveTimeout”:5000,“maxHeadersCount”:null,“headersTimeout”:60000,"_connectionKey":“4:127.0.0.1:1337”}}}

davimacedo · August 4, 2021, 8:47pm

Is it still working via ws but not working via wss?

sfraise · August 4, 2021, 8:57pm

I can’t get either one to work.

sfraise · August 4, 2021, 9:02pm

I’d be happy to give you full ssh/login creds for everything here, this is just strictly a test setup to just figure out how to get this all setup and working correctly.

davimacedo · August 4, 2021, 9:17pm

I guess you need to setup something on apache to make the web socket connection to work. This thread may be helpful: Setting up a websocket on Apache? - Stack Overflow

sfraise · August 4, 2021, 10:04pm

Thanks for the link, that might get me closer, testing some stuff now.

sfraise · August 4, 2021, 10:26pm

I have all of the apache modules mentioned already installed and tried a few variations in the apache conf but still no joy.

Bitnami is zero help on anything with their AMI’s so who knows. I think tomorrow I’ll try just creating a new server and installing/configuring everything from scratch. At least that way it will be a legit install and not “preconfigured” by someone else with no docs on how they did it lol.

uzaysan · August 5, 2021, 9:53am

Do you use some kind of proxy? When I used Nginx as a proxy, I had to define a header like this:

proxy_set_header Connection "Upgrade"
Without this, websockets wouldn’t work.

In this answer they are doing something similar with apache. Take a look.

sfraise · August 5, 2021, 3:57pm

I have a hunch it’s something with this specific version of parse in this latest bitnami ami.

My parse-server version says 4.9.3 which I guess was a screw up on tags but also seems to be some issues with this exact problem where wss can’t connect.

See the following upstream:

davimacedo · August 9, 2021, 11:47pm

The latest official version is actually 4.5.0. Could you please try with that one?

sfraise · August 10, 2021, 7:46pm

Bitnami gave me an older ami with version 4.3.0 in it that I deployed.

Same exact problem. I’m sure it’s something with apache/proxy_wstunnel_module and the reverse proxy configs but nothing I try seems to matter.

I wish there were some type of documentation or better yet, examples of how to config apache to work with the live query server but about all I can find relates only to nginx.

I’ve tried several variations of the following in the apache config:

#RewriteEngine on
#RewriteCond ${HTTP:Upgrade} websocket [NC]
#RewriteCond ${HTTP:Connection} upgrade [NC]
#RewriteRule .* “ws://127.0.0.1:1337/$1” [P,L]

#ProxyPass “/parse” “wss://127.0.0.1:1337/parse”
#ProxyPassReverse “/parse” “wss://127.0.0.1:1337/parse”

I’m pretty much at a loss here at this point, I’ve been beating on this thing for a week now and no closer than I was when I started. Parse is the ideal solution for what I need to build since I can keep it all under the aws infrastructure and I’m unable to use Firebase but without the ability to connect to the live query server with wss it’s worthless to me. I’m pretty much out of ideas at this point.

davimacedo · August 11, 2021, 3:34pm

Maybe you should try to reach out Bitnami to get some help or try to create a server from scratch using nginx and GitHub - parse-community/parse-server-example: Example server using Express and the parse-server modul

sfraise · August 11, 2021, 3:56pm

I finally got it working.

In the /opt/bitnami/apache/conf/vhosts/parse-https-vhost.conf file I added the following under virtual host:

SSLProxyEngine on RewriteEngine On RewriteCond %{HTTP:Upgrade}
websocket [NC] RewriteRule /(.*) ws://localhost:1337/$1 [P,L]

ProxyPass “/parse” “ws://127.0.0.1:1337/parse” ProxyPassReverse
“/parse” “ws://127.0.0.1:1337/parse”

Whether or not that’s actually secure I have no idea, the live query subscribe call from the client goes over wss:// and it doesn’t give any warnings or errors so I guess I’m good now.

It would be helpful for future users I think if this was added into the docs somewhere. A lot of devs aren’t apache or nginx gurus especially as it relates to websockets, even the guys at bitnami said setting up for websockets was out of their realm of experience.

All that said I’m pretty damn excited to jump in there and start actually building some stuff with this thing now lol.

Thanks for the help!

sfraise · March 20, 2023, 10:34pm

I’m back to square one on websockets/live queries trying to get a new parse server going with the latest bitnami ami on aws.

Https works but no matter what I do ws and wss won’t run at all.

I wish there were a standard guide on setting up live queries in apache.

sfraise · March 22, 2023, 5:29pm

After a few days of beating on this new server I’m at a loss. I think this is a much different issue than this one I had a year and a half ago so will create a new thread for it.

sfraise · March 23, 2023, 7:24pm

I started a new thread for this yesterday since it was obviously an issue bigger than just ssl and wss and just updated there as well. I would delete that other thread as it must have been an issue with the previous Bitnami AMI but it seems I can’t now.

FYI Bitnami released a new AMI with v5.4.3 that seems to work fine.

I should probably write up a step by step “how to” on configuring the Bitnami Parse AMI build with a load balancer and SSL as it could be a little intimidating I’m sure for someone not familiar with Apache or server-side config.