WebSockets allow a two-way, persistent communication channel between a client and a server. Like any other HTTP requests, WebSockets can be either secure (WSS) or insecure (WS). In This tutorial, you will be shown how to configure NGINX to proxy WSS connections.
If you are not a developer or have not developed a WebSocket application, you may find demo applications in Github. Each one was written for tutorials like this.
In order for WWS requests to be proxied to a backend WSS service, NGINX must be configured to listen over a secure port. Just as you would configure SSL when using NGINX to server web application, a ssl certificate and certificate key must be configured.
The following example nginx.conf adds uses a certificate file named cert.pem and a key file named key.pem. The acceptabed protocols are explicitly set using the ssl_protocols directive, and the allowed ciphers are set with the ssl_ciphers directive.