Reputation: 115
wss (secure websocket) with Django Channels and Daphne webserver
I am trying to figure out how to set up Django Channels so that it accepts my websocket connections via the wss:// scheme.
For ws:// everything works perfectly. I use the websockets package on my client side to set up a connection to the server (which runs Channels as an ASGI server). But when I shift to wss:// and start running the client, then ... nothing happens for 60s, after which I get an error message stating: "SSL handshake is taking longer than 60.0 seconds: aborting the connection"
My Daphne server is running on localhost with standard port 8000.
Starting ASGI/Channels version 2.2.0 development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.
INFO - 2019-11-15 14:12:14,094 - django-main-thread - daphne.server[110] - HTTP/2 support not enabled (install the http2 and tls Twisted extras)
INFO - 2019-11-15 14:12:14,094 - django-main-thread - daphne.server[119] - Configuring endpoint tcp:port=8000:interface=127.0.0.1
INFO - 2019-11-15 14:12:14,095 - django-main-thread - daphne.server[150] - Listening on TCP address 127.0.0.1:8000
I understand that HTTP and HTTPS as well as TCP and TLS should run on different ports, but since I haven't found any hint on the Django Channels readthedocs website on it, I thought it might just miraculously handle both without any config necessary. I guess I am wrong?
The client-side connection is established like this:
ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLSv1_2)
ssl_context.set_ciphers(get_allowed_ciphers())
ssl_context.verify_mode = ssl.CERT_REQUIRED
ssl_context.check_hostname = False
async with websockets.client.connect(
uri=url,
extra_headers=header,
ssl=ssl_context) as websocket:
await asyncio.gather(on_open(websocket), on_message(websocket))
The on_open() and on_message() methods handle the opening of the socket and parsing incoming messages, respectively.
Now, I was actually expecting to be able to set an SSL context on the server side (using Channels) as well, but I haven't found one single example after many hours of research online. I rather see only examples where nginx is configured to listen to port 443 and pointing to the necessary certificates.
I thought Daphne was a production-ready server that can handle both HTTP(s) and WebSocket (ws and wss) requests. What do I need Nginx for?
That may seem like a stupid question, but I'm happy for any help here.
Upvotes: 3
Views: 3489
Answers (0)
Related Questions
- django channels behind https
- Django channels using secured WebSocket connection - WSS://
- WebSocket wss:// on SSL with Nginx Gunicorn Daphne Channels Redis
- Deploying Django Channels with Daphne + NGINX using SSL
- Connect via a secure websocket WSS from Django project to Redis/Daphne
- Why does django-channels not connect to secure Websockets wss?
- Django channels websocket connecting and disconnecting (Nginx + Daphne + Django + Channels)
- Using WebSocket Secure with Nginx and Daphne
- Channels Websocket immedialty disconnecting with ssl
- Why do I need reverse proxy with daphne?