Using RouteMaster with Secure WebSockets

RouteMaster itself only supports the standard non-secure WebSocket protocol (ws://) , but modern browsers require that if a page is loaded HTTPS, it must use WebSockets over TLS to communicate (wss://).

This requires you to use Rascular WebCentre rather than RouteMaster’s built-in server, and set up NGINX to ‘proxy’ secure websocket connections to RouteMaster. This is how to set it up.

We’ll assume you are running RouteMaster on the same PC as WebCentre, and that RouteMaster is configured to use port 81 for WebSocket connections.

Edit the NGINX configuration file (WebCentre installs a handy “Edit NGINX configuration” command as a Start Menu shortcut), and add the following section at the end – just above the last closing bracket.

upstream websocket {
  server localhost:81;  # address and port number for WebSockets as set above in RouteMaster. Replace 'localhost'  if RouteMaster is on a different system.

server {
  listen 82 ssl; # port number receive WSS connections

  server_name localhost;
  ssl_certificate webcentre.pem;
  ssl_certificate_key webcentre.key;

  location / {
    proxy_pass http://websocket;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";

The example above will forward secure websocket connections to wss:// to non-secure connection ws://localhost:81 – your RouteMaster system. Change the sections in green as appropriate. See the post on HTTPS and WebCentre here.

Save the configuration file, and restart NGINX. It will then forward WSS requests to RouteMaster, but we still need to make our router WebPanels use the new ‘secure’ connection.

To do that, we should add the RouteMaster system as a “Device” in WebCentre.