Deploy rasa on a ssl enabled server

Hi. I have deployed a rasa bot in my server. but now enabled ssl today. now I need to run rasa with https. I am trying to do this with nginx. Can anyone help me with what changes should I make to my nginx.conf file?
Is there any way to get the webhook suppose url: “http://192.168.20.62:5005/webhooks/rest/webhook to url: “https://192.168.20.62:5005/webhooks/rest/webhook In short, I just want to change my url to https. Is it possible?

You can use ssl for your nginx and then use as a reverse proxy to pass requests to your rasa server. You can see a sample config below

upstream rasa{
server rasa:5005 # your rasa server ip and port
}

server {
listen 443 ssl;
server_name 127.0.0.1;

ssl_certificate <CERTIFICATE PATH>
ssl_certificate_key <CERTIFICATE KEY>
ssl_trusted_certificate <CA PATH>

location /{
    proxy_pass https://rasa
}
}

thank you so much. I am trying this. but one more thing… everytime i start nginx i get nginx: [emerg] bind() to [::]:80 failed (98: Address already in use) i know this is because port 80 is already being used by http. and if i try to stop the process which is running n port 80, naturally I can’t connect to my server anymore. Do you have any solution regarding this?

okay I managed to run nginx on a different port (example: 7777). but now I am getting this error:

jquery.min.js:2 Mixed Content: The page at ‘https://my_domain.com:7777/’ was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint ‘http://XX.XX.XX.XX:5005/webhooks/rest/webhook’. This request has been blocked; the content must be served over HTTPS.

any idea on how do I run rasa with https?

If your website is using https, then you cannot make http calls. There are two ways to tackle this.

  1. You should create an ssl certificate and start rasa server using ssl. [HTTPS for RASA]
  2. You can use Nginx as a reverse proxy to redirect calls to an http rasa server.

For the second approach, you can add the following location section under your server config section ins nginx config file.

                location ~ ^/rasa([^\?]+)(\?.*)? {
                    resolver 127.0.0.11 valid=30s;

                    set $rasa_server http://rasa:5005$1?$args;

                    proxy_http_version              1.1;
                    proxy_cache_bypass              $http_upgrade;

                    proxy_set_header Upgrade        $http_upgrade;
                    proxy_set_header Connection     "upgrade";

                    proxy_pass                      $rasa_server;
                    proxy_read_timeout              300;
            }

This will pass all requests coming to your_domain/rasa to the rasa server (in my case a docker container listening to port 5005). If there are any arguments, then they are also passed. (you’ll need this for socket.io over https)

Thank you so much. I’ve been able to run rasa with my ssl certificate with the following command

rasa run --ssl-certificate /path_to_folder/mydomain.crt --ssl-keyfile /path_to_folder/mydomain.key --m ./models --endpoints endpoints.yml --port 5005 -vv --enable-api --cors “*” --credentials credentials.yml

And I am running nginx with another port. So that solves my problem. Thanks :smiley:

1 Like