Reverse proxy issues with ME SDP websockets

Reverse proxy issues with ME SDP websockets

Hi!
We have an Apache reverse proxy for many internal webservices that need to be exposed publicly on the web. Many of these utilize websockets and as such we are pretty much using the same entries for all our hosts.

However, ManageEngine ServiceDesk Plus Professional doesn't seem to be able to establish websockets behind a reverse proxy and we've tried a few configuration combinations but with no success.

Our VirtualHost configuration currently looks like this:
  1. <VirtualHost *:443>
  2. ServerName our.domain.com
  3. ProxyRequests On
  4. ProxyPreserveHost On
  5. ProxyBadHeader Ignore
  6. ProxyPass /getNotifications wss://1.1.1.1:8080/getNotifications
  7. ProxyPass / https://1.1.1.1:8080/
  8. </VirtualHost>

This works perfectly for HTTPS requests (we can login, we can administrate, we can activate AD sync, etc), but not for socket connections such as notifications, chats, etc.

Our alias URL is configured as "our.domain.com", and SSL settings as such:



Using Google Chrome Developer Tools we do see that the websocket request is indeed accepted and returned as status code 101:
 

If I open a chat with my Test-user I can see myself (administrator) online, but not the Test-user which I have open in an incognito window, and the opposite is true for the Test-user:


If I post a chat message, the message is not loaded until I refresh the page. So the server is accepting the message, which is posted via HTTPS/javascript, rather than using the websocket connection.

The Websocket seems to only be responsible for getting pushes about an event, and that the javascript handle needs to poll the server afterwards to retrieve the actual data. Thus, the only thing that isn't working is the websocket connection.

Other applications that we host ourselves that are using websockets works, so we have no idea what could be the cause of this. Since ME SDP doesn't seem to use a normal webservice such as NGINX or Apache we don't really know how to debug or get error messages from the engine to see what goes wrong.

Have anyone else succeeded in setting up ME SDP behind a reverse proxy, or know what we are missing in the configuration?

      New to ADSelfService Plus?

        Resources

                  Related Products