CODEWITHSUNDEEP
node.jssocketssocket.io
Joncom
Joncom

Reputation: 2146

How to connect to Node socket.io-server from Node socket.io-client **with HTTPS**

I've setup a socket server, like so:

/* node-server.js */
var port = 3333;
var fs = require('fs');
var options = {
    key: fs.readFileSync('ssl/server.key'),
    cert: fs.readFileSync('ssl/server.crt')
};
var server = require('https').Server(options);
var io = require('socket.io')(server);
console.log('Socket server listening on port ' + port + '.');
server.listen(port);
io.sockets.on('connection', function(socket) {
    console.log("Client " + socket.id + " connected.");
});

And a Node client that connects to it:

/* node-client.js */
var url = 'https://localhost:3333';
console.log('Connecting to ' + url);
var io = require('socket.io-client');
var socket = io.connect(url, { reconnection: false });
socket.on('connect_error', function(error){ console.log('Error connecting to ' + url, error);});
socket.on('connect', function() {
    console.log('Connected to ' + url);
});

However, when trying to connect I get an error { [Error: xhr poll error] description: 503 }.

This error goes away, and everything just works if I remove the "HTTPS" component. Here's a diff showing exactly what I mean.

However, I'm not convinced that HTTPS is the problem, because here is another client (this one in a browser instead of Node) which can connect just fine:

<!DOCTYPE html>
<html>
<head>
    <script type="text/javascript"
        src="https://localhost:3333/socket.io/socket.io.js"></script>
</head>
<body onload="io.connect('https://localhost:3333');">
</body>
</html>

How can I get a Node socket.io-client to connect to a Node socket.io-server over HTTPS?

Upvotes: 1

Views: 4272

Answers (2)

neha sharma
neha sharma

Reputation: 21

On Node.js, TLS and HTTPS will validate certificates before accepting them. Therefore, to use self-signed certificates with Node, you will need to set the rejectUnauthorized option when performing requests to false, or use:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

Upvotes: 2

Joncom
Joncom

Reputation: 2146

The solution was to add this line to the client:

process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";

I found that if I manually made HTTPS requests to the socket server:

var https = require('https');
var options = { host: 'localhost',
    port: '3333',
    path: '/socket.io/?EIO=3&transport=polling&t=1404103832354-0&b64=1',
    method: 'GET',
    headers:
    { 'User-Agent': 'node-XMLHttpRequest',
    Accept: '*/*',
    Host: 'localhost:3333' },
    agent: false
};
https.globalAgent.options.rejectUnauthorized = false;
https.request(options, function() {
    console.log(arguments);
    throw 'done';
});

...then requests would fail with the error: DEPTH_ZERO_SELF_SIGNED_CERT

Socket.io, it would seem, was unable to make requests for this reason.

After Googling the error, I found this page.

On that page someone suggested the solution above, which works.

Essentially, I believe it's allowing self-signed certs which may be "insecure".

Upvotes: 0

Related Questions