How do I configure nginx as a reverse proxy with SSL for sync gateway so that heartbeats work?

#1

My current configuration is sync gateway v1.1.1 with nginx sitting in front of it as a reverse proxy, with nginx handling all the SSL configuration. My Couchbase Lite iOS v1.1.1 app can successfully do push and pull replication to sync gateway with this configuration (pointing to the nginx https public endpoint), but the heartbeats for keeping a longpoll connection are not being sent by sync gateway. On our dev server with no SSL everything works fine. In the sync gateway logs with the Heartbeat log flag enabled we see:

Heartbeat: heartbeat written to _changes feed for request received  (as userId)

On the device (with no SSL on dev) we then see 1 byte get processed by ChangeTracker. When we use SSL, after the pull replication has successfully pulled all documents we see the heartbeat log message in sync gateway, but the device never receives it; the logs are blank. On the server side I can see that no packets are being sent out over port 80 or port 443. During pull replication I can see packets going out over port 443, but I see nothing for the heartbeats. How do I configure sync gateway to send heartbeat messages over the same connection it sends data for a pull replication?

In the app we have the pull replicator customProperties set to:
pull.customProperties = @{@"websocket" : @0, @"heartbeat" : @30000};

#2

Where on the server side are you “seeing packets going out over port 443”? From nginx or Sync Gateway? I’m wondering whether the SSL-encoded heartbeats aren’t making it past nginx.

#3

Using tcpdump, watching port 80 on one terminal and port 443 on another terminal; I don’t know which application specifically is sending them. Nginx handles all other data sync gateway is sending over 443; it’s just the heartbeats it can’t handle. E.g. I can update a document on the server and sync gateway successfully pushes the updated document to the device over 443, so long as it’s within our 4-minute connection timeout window. After 4 minutes the connection is dead and nothing replicates because the heartbeats aren’t keeping it open.