Rocket.chat: Cannot get Rocket Chat running over https with Apache2

Can you share your apache configuration?

I was initially using apache for a while so as mentioned if we can see the config should be able to help. The only part I could not get going was the websockets, after a lot of poking around the web it looked to be easier just to swap to Nginx so I did and the config from the guides in the wiki it all worked first time.

Hi!
Thanks for the fast response!

here is my current config residing within:

/sites-enabled/rocketchat.conf:

<VirtualHost *:443>
  ServerAdmin [email protected]
  ServerName subdomain.domain.com
  ProxyPreserveHost On
  ErrorLog /var/log/chat.domain.com_error.log
  TransferLog /var/log/chat.domain.com_access.log

  LogLevel info
  SSLEngine On
  SSLOptions +StrictRequire
  SSLCertificateKeyFile /etc/ssl/private/www_domain_com.key
  SSLCertificateFile /etc/ssl/certs/www_domain_com.crt
  SSLCertificateChainFile /etc/ssl/certs/www_domain_com.ca-bundle

  <Location />
    Order allow,deny
    Allow from all
    ProxyPass http://subdomain.domain.com:3000/
    ProxyPassReverse http://subdomain.domain.com:3000/
  </Location>

</VirtualHost>

I thought of switching to Nginx, too. But currently that is not an option within the current infrastructure.

Thanks for any hint on the topic!

Best,
Christian

Assuming apache is running on the same server as Rocket.Chat I would change the two proxypass lines to:

    ProxyPass http://localhost:3000/
    ProxyPassReverse http://localhost:3000/

I am also making the assumption that pm2 status shows Rocket.Chat is running and that you can access it successfully by going to http://ip address of server:3000 if that part is not working the problem lies back with Rocket.Chat, not apache.

Already changed ProxyPass and ProxyPassReverse, but not working.

pm2 status / pm2 show 0 shows the app is up and running (what status tells) without any errors, but can't be accessed neither through url nor ip, doesn't matter which protocol may it be http or https.

But i am not 100% sure if that profs that the app is running correctly.

Just to follow up. Actually i do not get any possible related errors in the log fies.

OK so not an apache issue then. Lets run through a few things:

1) Can we see the contents of the pm2-rocket-chat.json file that you used when starting pm2.
2) The contents of your /etc/hosts file
3) From the server itself do a curl localhost:3000 don't need the output of this, just did it return nothing or a bunch of html?
4) While we are at it might as check of monog is working. From the server what happens when you enter the command mongo ? If it is working your command line should change to start 001-rs:PRIMARY> rather than its standard username@hostname>. If you get that just exit out as all is good there, if not let's see the output of whatever it did say.

Sure:

1)

{
    "apps": [{
                "name": "rocket.chat",
                "log_date_format": "YYYY-MM-DD HH:mm:ss SSS",
                "script": "/home/rocketchat/rocket.chat/bundle/main.js",
                "out_file": "/var/log/rocket.chat/app.log",
                "error_file": "/var/log/rocket.chat/err.log",
                "port": "3000",
                "env": {
                        "MONGO_URL": "mongodb://localhost:27017/rocketchat",
                        "MONGO_OPLOG_URL": "mongodb://localhost:27017/local",
                        "ROOT_URL": "https://subdomain.domain.com",
                        "DDP_DEFAULT_CONNECTION_URL": "https://subdomain.domain.com",
                        "PORT": "3000"
                }
    }]
}

2)

127.0.0.1       localhost.localdomain localhost
::1             localhost6.localdomain6 localhost6
127.0.0.1       localhost
::1             localhost ip6-localhost ip6-loopback
fe00::0         ip6-localnet
ff00::0         ip6-mcastprefix
ff02::1         ip6-allnodes
ff02::2         ip6-allrouters

3) Returns a bunch of html

4) shows 001-rs:PRIMARY>
can exit , too

1) Looks fine
2) The only slight difference is at the recommendation of the guide I mapped the machine's hostname to 127.0.0.1
127.0.0.1 hostname
Having said that I seem to remember before I did this it caused problems with mongo which seems fine as proved by 4)
3) The fact that this returns HTML implies that everything is working ok. If that works I would expect http://1.2.3.4:3000 in a broswer to also work (1.2.3.4 being replaced with the actual ip address of the server). Doing this over hostname is preferable when testing to rule out dns issues. If you can access it from the server itself(which that curl command showed you could) and can't access it from a machine on the same network is it possible you are running a firewall on your server? Unfortunately I am not sure how much more help I can be as it looks likeRocket.Chat is running and it is some kind of network related issue which can be very specific to your setup (that or I missed something obvious, but either way I am not much more help so hopefully someone else can chime in with ideas)

Many thanks for the feedback!
I'll go through it again by tomorrow and try one or two other things.

Get back to you soon,
Many thanks!

Thanks so much for the great tips, but it did not work out. I decided to force it and go with a separate instance running nginx ;-)

Many thanks and best,
Christian

Proxy can't be inside Location

<Location />
            Require all granted
            Options -Indexes
        </Location>

        ProxyPass /websocket ws://localhost:3000/websocket
        ProxyPassMatch ^/sockjs/(.*)/websocket ws://localhost:3000/sockjs/$1/websocket
        ProxyRequests Off
        ProxyPass / http://127.0.0.1:3000/
        ProxyPassReverse / http://127.0.0.1:3000/

May I ask you why this issue is closed? I actually have the same issue, I tried everything and I still cannot run RocketChat over https with Apache. Did anyone managed to get it running?
Thank you for your help.

Struggling out here to make it work with Apache also..

To whoever, like me, finds this thread after a desperate Google search:

@royalterra answer solved my reverse proxy problem. If you then get a 500 error like the following:

No protocol handler was valid for the URL /sockjs/123/abcdefgh/websocket [...]

You need to enable the proxy_wstunnel mod with sudo a2enmod proxy_wstunnel

Found the answer here: http://stackoverflow.com/a/26045183/3133038

I wonder if there is such a thing as a log file for Rocket.Chat

With the apache2 proxy config from @royalterra I got the Error Message inside the Android App Rocket.Chat+:

Value chat.rocket.android_ddp.DDPClientCallback can't be converted from String to JSON

But after uninstall/install the app from App Store, it worked fine for me. For me, this issue is closed.