The proxypass config in docs has some issues:
Proxy ConfigRequestHeader set X-Forwarded-Proto "https" ProxyPass "/openam/notifications" "ws: Upgrade=websocket
ProxyPass "/openam" "http: ProxyPassReverseCookieDomain "openam.internal.example.com" "proxy.example.com" ProxyPassReverse "/openam" "http://openam.example.com:8080/openam"
Upgrade=websocket will cause problems outside a <virtualhost> context. Apache will fail to start.
Dec 05 16:30:56 6004.fr.local systemd: Starting The Apache HTTP Server...
Dec 05 16:30:56 6004.fr.local httpd: AH00526: Syntax error on line 357 of /etc/httpd/conf/httpd.conf:
Dec 05 16:30:56 6004.fr.local httpd: ProxyPass unknown Worker parameter
We also don't need it there as wstunnel does it itself:
This module requires the service of mod_proxy. It provides support for the tunnelling of web socket connections to a backend websockets server. The connection is automatically upgraded to a websocket connection:
In fact the module can be used to upgrade to other protocols, you can set the upgrade parameter in the ProxyPass directive to allow the module to accept other protocol. NONE means you bypass the check for the header but still upgrade to WebSocket. ANY means that Upgrade will read in the request headers and use in the response Upgrade
proxyws_dir_conf *dconf = ap_get_module_config(r->per_dir_config, &proxy_wstunnel_module);
const char *upgrade_method = *worker->s->upgrade ? worker->s->upgrade : "WebSocket";