Serverless websockets - accepting a path wss://hostname.xxx/<path>

Dear Serverless community,

Your work has been a blessing for me. I've been using the framework for 6 months or so, and have deployed various REST APIs on AWS. Great work!

Right now I am facing a pretty big issue, which I have tried to solve for a few hours now.

I have a bunch of websocket clients which would like to contact my endpoint at address of the form wss://hostname.xxx/<client_id>

Unfortunately, it seems that this kind of behavior is not actually supported by API Gateway and Lambda. This seems pretty odd, as it is pretty common.

I have looked at various documentation, and in particular this Medium post, "Using parameter mapping in WebSocket API" by Jaewoo Ahn, which seems to offer some workaround, which I am unable to fully grasp for now.

I would like to ask if someone has had this experience before and has found a way to map the path to some field of the event fed to the lambda, or at least to avoid a 403 error every time somebody includes a path in the endpoint address.

Thank you very much for your help.

It seems that this Stack Overflow discussion may provide a solution:

and this Medium article is needed to make it work: "Configure Amazon CloudFront CDN for WebSocket connection" by Nick Zamosenchuk (Medium).

Those resources were the solution!

It is also possible to use CloudFront to enable insecure websocket connections, and to do a ton of other things. With Lambda@Edge it is possible to rewrite requests and responses.

Something odd is happening though. I have a custom domain for my CloudFront distribution, therefore I use an SSL certificate created via ACM for that domain instead of the default CloudFront SSL certificate.

That certificate I got via ACM appears “wrong” though; trying to connect to the endpoint using openssl results in an error.

The default CloudFront certificate has a wrong hostname.

My clients can tolerate a certificate with a wrong hostname but aren’t able to use my custom certificate at all!

Is there something I should be paying attention to in order to allow my own custom certificate to be used?
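The path rewrite at the CloudFront edge mentioned earlier in the thread could look like the following Lambda@Edge origin-request handler. This is an added example, not code from the thread or the linked articles. It assumes the CloudFront origin path is set to the API Gateway stage, that query strings are forwarded to the origin, and it uses a hypothetical `client_id` parameter name and ID format.

```javascript
'use strict';

// Assumed client ID format: a strict allow-list keeps dots, slashes and
// percent-encoding out of the value handed to the backend.
const CLIENT_ID_RE = /^[A-Za-z0-9_-]{1,64}$/;

// Turn wss://host/<client_id> into a request for "/" carrying
// ?client_id=<client_id>. API Gateway then exposes the value to the
// $connect Lambda as event.queryStringParameters.client_id.
function rewriteRequest(request) {
  const segments = request.uri.split('/').filter(Boolean);
  if (segments.length !== 1 || !CLIENT_ID_RE.test(segments[0])) {
    // Returning a response object makes CloudFront answer directly,
    // so malformed paths never reach the origin.
    return {
      status: '400',
      statusDescription: 'Bad Request',
      body: 'invalid client id',
    };
  }

  // Discard any caller-supplied client_id so the path segment is the
  // only source of the value the backend sees.
  const params = new URLSearchParams(request.querystring || '');
  params.delete('client_id');
  params.set('client_id', segments[0]);

  request.querystring = params.toString();
  request.uri = '/'; // origin path (assumed: the stage name) is prepended by CloudFront
  return request;
}

// Lambda@Edge entry point for the origin-request trigger.
if (typeof exports !== 'undefined') {
  exports.handler = async (event) => rewriteRequest(event.Records[0].cf.request);
}

// Constructed sample request, shaped like event.Records[0].cf.request.
const sample = { uri: '/device-42', querystring: 'client_id=spoofed&x=1', headers: {} };
console.log(rewriteRequest(sample));
```

The ID arrives from an unauthenticated URL path, so the `$connect` handler should treat it as a claim to be checked against the client's credentials rather than as proof of identity.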