How to configure my server with Nginx, SSL, for my cordova app?


#1

Hi,

i have a web application that is used to build Cordova android app.
The application is built for an ubuntu server where is running a Nginx with SSL (Mongo is hosted on mongolab). On production i use a NodeJS 0.12.X, but in dev i still use meteor shell.

When i build the application i run this command :
meteor build …/…/build/mercanet/ --mobile-settings settings.json --server=https://myIP

When i run the application on server here is the command (on prod server i use node :
meteor --settings settings.json --mobile-server https://myIP --port 3000

If i open a browser to https://myIp i can check that websocket works well so my nginx is well configured. But if i open the application in my android emulator, it fails to connect : https://myIP/sockjs/info?cb=x3i8q_or0y (cancelled)

I tried without SSL and i replace HTTPS by HTTP in meteor shell and it worked, so i’m wondering what i should do to use HTTPS with MeteorJS and Cordova.

For information here is the content of meteor_runtime_config on Cordova :
{“meteorRelease”:“METEOR@1.2.1”,“ROOT_URL”:"https://myIP/",“ROOT_URL_PATH_PREFIX”:"",“DDP_DEFAULT_CONNECTION_URL”:“https://myIP”,“autoupdateVersionCordova”:“ee806cb3e614acbfaad7031f7964c254c9fc7e39”,“appId”:“1rm26uv1lh7ui31i489b2”}"

Thanks for help


#2

Hi @rebolon

I am also running into similar issue with mobile app. Can you please sharethe solution if you solved the issue.


#3

Argh, i don’t remember how we managed this (i’m no more on this project). I think it’s about nginx configuration but not sure.
I’ll update the post when i remember this.


#4

I think it was a problem of nginx :

// this is a vhost config for a mobile website (http | https)://mobile.myserver.fr used for cordova deployment
upstream upstream_name{
server 127.0.0.1:3006;
}

server {
listen 80;
listen [::]:80;
server_name mobile.myserver.fr;
access_log /srv/logs/nginx/mobile.myserver.fr.log;
error_log /srv/logs/nginx/mobile.myserver.fr.log;
root /srv/www/prod/mobile.myserver.fr/public;
rewrite ^(.*)$ https://mobile.myserver.fr$1 permanent;
}

server {
listen 443 ssl spdy;
listen [::]:443 ssl spdy;
server_name mobile.myserver.fr;
access_log /srv/logs/nginx/mobile.myserver.fr.log;
error_log /srv/logs/nginx/mobile.myserver.fr.log;

root /srv/www/prod/mobile.myserver.fr/public;
more_clear_headers 'X-Powered-By';

    ssl_certificate     /etc/letsencrypt/live/www.myserver.fr/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/www.myserver.fr/privkey.pem;

location / {
    try_files $uri @app;
}

location @app {
    proxy_pass http://upstream_name;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-Port $server_port;
    proxy_set_header Host $http_host;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
    proxy_redirect off;
}

}