Using a self-signed certificate with Safari and websockets (osx/ios)

Question

I need to test secure websockets. I'd like to do it with a self signed certificate. So made quick web server in node following these instuctions.

Then I added a websocket server using the ws npm module.

So I go to try it in Chrome. Chrome complains when I first visit the https page that the cert is unverifiable (that's expected) but I hit "advanced" and "proceed" and it connects to the page and the websockets work and are secure.

So then I try it in Safari. It also complains the cert is unverifiable (expected) but I click "continue". It loads the HTTPS page but won't do the websockets. Both OSX Safari and iOS Safari show

WebSocket network error: OSStatus Error -9807: Invalid certificate chain 

Is there a way to use self signed certs with Safari? Specifically without adding the self-signed root cert to the OS?

Answer 1

It seems that the situation has changed since you asked, because it does work on OSX Safari now after accepting the self-signed certificate (this will require entering your OSX admin password once).

For mobile, the only workaround that worked for me is not to use SSL at all (ws://).

I'm not sure whether Safari will accept mixed https:// + ws:// pages, but it's worth a try if you want to keep SSL for the http part.

I can't find the official Apple documentation that says that self-signed certificates won't be accepted for websockets, but every post out there seems to say so.