Skip to content
Search Create account

Developers Forum for XinFin XDC Network

Developers Forum for XinFin XDC Network is a community of 3,019 amazing users

Developers Forum for XinFin XDC Network

Create account Log in
Twitter Facebook Github Instagram
Raghuram Dharanipathy
Raghuram Dharanipathy

Posted on • Updated on

Enable secure websocket(WSS)&(https) for full node using Nginx

#xdc #plugin #pli

This article gives you the concise information about setting up of secured websocket(WSS) for your full node.

Setting up of Nginx and the configuration tweaking needed for https is clearly mentioned in "How to configure SSL for XDC private chain on server with Nginx".

Tweaking needed for enabling WSS in Nginx configuration file is given below.

Now you need to edit the NGINX configuration file /etc/nginx/sites-enabled/default:

map $http_upgrade $connection_upgrade {
    default upgrade;
    '' close;
}

upstream websocket {
   server 127.0.0.1:8888;
}
server {


        root /var/www/html;

        # Add index.php to the list if you are using PHP
        index index.html index.htm index.nginx-debian.html;
    server_name <domainName>; # managed by Certbot


        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ =404;
                proxy_pass http://localhost:8989;
        }

       location /websocket {
            proxy_pass http://websocket;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header Host $host;
        }


    listen [::]:443 ssl ipv6only=on; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/xdcprivate.goplugin.co/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/xdcprivate.goplugin.co/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
    if ($host = <domainName>) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


        listen 80 ;
        listen [::]:80 ;
    server_name <domainName>;
    return 404; # managed by Certbot


}
Enter fullscreen mode Exit fullscreen mode

We use a proxy_pass directive to proxy traffic from an encrypted 443 HTTPS port to node port 8989 on our server instance without exposing it publicly.

Now verify that the config is correct:
sudo nginx -t

and restart the NGINX process to apply changes:

sudo service nginx restart

You can check if your full node is available via a secure HTTPS & WSS connection.

Discussion (0)

Read next

andrew profile image

Why Vyper is the Future of Ethereum Smart Contract Development?

Andrew -

lucas_chua_ebd1d8d9e09f30 profile image

Everything You Need to Know to Set Up an RPC Node Server on XDC Network.

Lucas Chua -

ruslan_wing profile image

Using Wallet Connect on XDC Network

ruslan wing -

ruslan_wing profile image

Setting Up an RPC Node Server for Your DApp on XDC Network: A Comprehensive Guide

ruslan wing -