Tutorial: How to secure Traccar with SSL / HTTPS for free, using IIS and Let’s Encrypt on Windows Server

Turbovix2 years ago

Yes, I realized that this is a reverse proxy, however you could already have used the occasion and have installed and configured the use of HTTPS protocol.

Freekers2 years ago

I don't understand what you mean by 'used the occasion and have installed and configured the use of HTTPS protocol.' Please elaborate.

Sascha 2 years ago

Hello,
I have implemented everything exactly as in the descriptions and get the websocke error with every browser over https.
Can someone help me?

greetingss

Deichsel2 years ago

Hello,
I have installed Windows Server 2019 Standard, IIS 10, url rewrite 2.1, application request routing 3.0 and followed your description but get also the web socket error with firefox and internet explorer. The additional configuration with the HTTP_SEC_WEBSOCKET_EXTENSIONS variable will not fix the problem. So whta can I do or can you help me to fix this?

regards from germany!

Lukáš Hladík2 years ago

The sloution for https and wss connection i found:

First add the server variable to IIS manager: Your site > URL Rewrite > View Server Variables… > Add: HTTP_SEC_WEBSOCKET_EXTENSIONS

Then add the variable to the inbound rule that forwards requests to Traccar. This is my rule in web.config:

  <rules>
    <!-- if you want to use https only -->
    <rule name="HTTP/S to HTTPS Redirect" enabled="true" stopProcessing="true">
       <match url="(.*)" />
       <conditions>
          <add input="{HTTPS}" pattern="^OFF$" />
       </conditions>
       <action type="Redirect" url="https://{HTTP_HOST}/{R:0}" redirectType="Permanent" />
    </rule>
    <!-- the trick is here -->
    <rule name="Forward to Traccar" stopProcessing="true">
       <match url="(.*)" />
       <action type="Rewrite" url="http://localhost:8082/{R:0}" logRewrittenUrl="true" />
       <serverVariables>
          <set name="HTTP_SEC_WEBSOCKET_EXTENSIONS" value="" />
       </serverVariables>
    </rule>
  </rules>

You can also add the variable to the inbound rule with IIS-Manager, but it forces you to enter a value. You still end up with editing web.config to clear the value.