Ws: SSL certificate issue and config options

Created on 18 Sep 2014  路  7Comments  路  Source: websockets/ws

I'm trying to connect secured websocket layer and getting DEPTH_ZERO_SELF_SIGNED_CERT.
Is there a way to pass certificate as config option to resolve this, I will anyway get proper certificate.
Like to know what all config options i can give.

var ws = new WebSocket('wss://test.com/websock');
picture tomalex0

Most helpful comment

Try adding this line to your client, before creating the WebSocket instance:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
picture larsthorup on 28 Sep 2014
👍7

All 7 comments

Don't use self-signed certificates in a server. Instead, self-sign a CA, then use the CA to self-sign your certificate.

See this repo and follow the tutorial: https://github.com/coolaj86/nodejs-self-signed-certificate-example

If you get it set up like that, it'll work.

coolaj86 picture coolaj86 on 24 Sep 2014

Also, you need to create your websocket from your server:

var server = require('https').createServer({ /*ssl options*/ })
  , app = connect() // or express()
  , wss = new WebSocketServer({ server: server })
  ;

server.on('request', app);
server.listen(port, function () { console.log('Listening...'); });

In order to have your test work from your browser you must add a .p12 file to your keychain. I've got an example of that here: https://github.com/coolaj86/nodejs-ssl-trusted-peer-example/blob/master/make-root-ca-and-certificates.sh#L84

coolaj86 picture coolaj86 on 24 Sep 2014

My node app is acting as client to websocket server in java.

I tried an https request using 'request' module with

secureProtocol: 'SSLv3_method

var options = {
        strictSSL: false,
        rejectUnauthorized: false,
        secureProtocol: 'SSLv3_method',
        agent: false,
        url : 'https://test.com/websock',
        method : 'GET'
    };
request(options, function(error, response, body) {
        console.log(response.statusCode);
        console.log('its in here');
 });

and got a response code but using websocket im getting

{ [Error: socket hang up] code: 'ECONNRESET', sslError: undefined }

what all options do we have in ws to pass ssl configs, i tried all these

var ws = new WebSocket('wss://test.com/websock',{ 
    rejectUnauthorized:false,
    strictSSL: false,
    secureProtocol: 'SSLv3_method'}
);
and still got same hangup issue
tomalex0 picture tomalex0 on 26 Sep 2014

Well, you probably need to fix the java server so that it isn't using a self-signed cert. (you can use the bash script in the repo I showed to create the correct type of certificate)

You probably also need to include the .crt chain in the client app.

Can you get it working with curl for a normal request?

Can you get it working with a reference websocket implementation?

If you can't get it working with curl or a reference implementation you probably won't get it working with node.

coolaj86 picture coolaj86 on 27 Sep 2014

Try adding this line to your client, before creating the WebSocket instance:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
larsthorup picture larsthorup on 28 Sep 2014
👍7

I'm getting this error while connecting to wss,
[Error: socket hang up] code: 'ECONNRESET', sslError: undefined

ws works fine

tomalex0 picture tomalex0 on 1 Oct 2014

This issue is resolved. It has something to do with Jetty installed in websocket server (tomcat). Once jetty was removed, wss worked fine

tomalex0 picture tomalex0 on 15 Oct 2014
Was this page helpful?
0 / 5 - 0 ratings

Related issues

pacmac picture pacmac  路  3Comments
ORESoftware picture ORESoftware  路  3Comments
bartosz-m picture bartosz-m  路  3Comments
pmcalabrese picture pmcalabrese  路  4Comments
sherikapotein picture sherikapotein  路  3Comments