Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

wss: via ssl on linux debian board #558

Closed
focussing opened this issue Aug 4, 2023 · 1 comment
Closed

wss: via ssl on linux debian board #558

focussing opened this issue Aug 4, 2023 · 1 comment

Comments

@focussing
Copy link

Situation description

I am running Debian 11 on a small Linux board on the local network whre also my PC is present.
On this board a C-application is running which reads all hardware. Within this C-application an instance of wsServer https://github.com/Theldus/wsServer is running. Also on the board a http: webserver is running. When the board's website is opened, it starts a ws-client to the ws: server and the status of the hardware is communicated to the website via the websocket. This way the hardware status is shown in real-time on the webpage. Beautiful!

When the website is accessed from outside the local network via a router we have seen that the console of the browser window is showing a mixed content error Mixed Content: The page at xxx was loaded over HTTPS, but requested an insecure yyy. This is correct because in that situation route to the website is initiated via https: and the websocket connection would be opened via ws: instead of wss:.

I have read your instructions to get websockify up and running

openssl req -new -x509 -days 365 -nodes -out self.pem -keyout self.pem
websockify 443 a20-olinuxino:8080
WebSocket server settings:
  - Listen on :443
  - SSL/TLS support
  - proxying from :443 to a20-olinuxino:8080

On the browser (latest version of chrome) when I try to open a wss: connection to wss://a20-olinuxino:443 it give the following error:
handler exception: [SSL: SSLV3_ALERT_CERTIFICATE_UNKNOWN] sslv3 alert certificate unknown (_ssl.c:1123)

I tried to let the browser accept the certificate but it does not recognize the .pem file.

Sure that I am doing things wrong, please can anyone help me in getting this to work?

Best regards,
Raymond
@CendioOssman
Copy link
Member

Browsers never accept self-signed certificates right away, so you need to add an exception. This is not specific to websockify, so you'll need to follow the browsers normal procedure for this. Generally, that means visiting the web site and clicking some exception button when the error pops up. So visiting https://a20-olinuxino in your case.

@CendioOssman CendioOssman closed this as not planned Won't fix, can't repro, duplicate, stale Aug 21, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@CendioOssman @focussing