Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wsserver via ssl in linux environment #77

Open
focussing opened this issue Aug 3, 2023 · 1 comment
Open

wsserver via ssl in linux environment #77

focussing opened this issue Aug 3, 2023 · 1 comment
Labels
question

Comments

@focussing
Copy link

focussing commented Aug 3, 2023
edited
Loading

Situation description

I am running Debian 11 on a small Linux board on the local network whre also my PC is present.
On this board a C-application is running which reads all hardware. Within this C-application an instance of wsServer is running. Also on the board a http: webserver is running. When a website is opened on the board, it starts a ws-client to wsServer and the status of the hardware is communicated to the website via the websocket. This way the hardware status is shown in real-time on the webpage. Beautiful!

Item nr 1

The website can only open a websocket connection to the board when using the hostname or the IP address of the board.
When using localhost or 127.0.0.1 a connection is not created App.vue:104 WebSocket connection to 'ws://localhost:8080/' failed:.
So far so good, normally this would not be a big issue.
But.

Item nr 2

When the website is accessed from outside the local network via a router we have seen that the console of the browser window is showing a mixed content error Mixed Content: The page at xxx was loaded over HTTPS, but requested an insecure yyy. This is correct because in that situation the website is called via https: and the websocket connection would be opened via ws:

SSL support

I have read your instructions for enabling SSL, but I can't get it to work. In no situation a wss: connection is opened WebSocket connection to 'wss://10.7.52.120/' failed:. I tested with localhost, 127.0.0.1 and the board's IP address, none of them work.

I also tried a few other options for the stunnel config like the following, but also no positive result:

[wsServer]
cert = /etc/stunnel/server.pem
accept = 0.0.0.0:443
connect = localhost:8080

or

[wsServer]
cert = /etc/stunnel/server.pem
accept = 0.0.0.0:443
connect = <board ip-addres>:8080

even

[wsServer]
cert = /etc/stunnel/server.pem
accept = 0.0.0.0:443
connect = 8080

Could you help me with this please?
Looking forward to hearing from you

Best regards,
Raymond
@Theldus
Copy link
Owner

Theldus commented Oct 25, 2023

Hi @focussing,
I apologize for the (very) long delay in responding.
Were you able to resolve your issue?

Not being able to connect even as localhost is quite strange and definitely not expected!

I'm not exactly sure what to suggest... but is Stunnel listening on the expected port? You can check this with a command like:

$ netstat -ntlp

It's also possible to monitor the traffic using Wireshark to see if there are any connection attempts to Stunnel.

Besides that, you can consider using other tools for SSL on WebSocket, such as Nginx itself. There are various resources available on this topic, like NGINX to reverse proxy websockets AND enable SSL (wss://)?

@Theldus Theldus mentioned this issue Nov 1, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Theldus @focussing