CODEWITHSUNDEEP
phpsslhttpswebsocketxampp
Luca Mancuso
Luca Mancuso

Reputation: 25

WebSocket error: net::ERR_SSL_PROTOCOL_ERROR

I've just create a PHP web server on local server, (Xampp environment, Windows) with Let's Encrypt SSL certificate (NOT SELF-SIGNED) so my website https://example.it looks like valid certificate with every browser. I can navigate to it both with http:// and https:// with standard ports.

Now I'm implementing php socket for creating web chat, however if I use insecure web socket protocol over HTTP:

ws://example.it:8090/chat/php-socket.php

it works.

If I use secure web socket protocol over HTTPS:

wss://example.it:8090/chat/php-socket.php

I receive an error on establishing connection net::ERR_SSL_PROTOCOL_ERROR

This is my code if someone needs:

$(document).ready(function(){
        var websocket = new WebSocket("wss://example.it:8090/chat/php-socket.php");
        websocket.onopen = function(event) {
            showMessage("<div class='chat-connection-ack'>Connssione stabilita.</div>");
        }
        websocket.onmessage = function(event) {
            var Data = JSON.parse(event.data);
            console.log(Data);
            showMessage("<div class='"+Data.message_type+"'>"+Data.message+"</div>");
            $('#chat-message').val('');
        };
});

Upvotes: 2

Views: 5373

Answers (1)

Steffen Ullrich
Steffen Ullrich

Reputation: 123521

You are trying to use the same port (8090) for ws:// and wss:// - this will most likely not work. While you don't show any server side configuration I suspect that your websocket server on port 8090 can only do plain WebSockets (i.e. ws:// and not wss://) and that you expect the TLS from the HTTP server (port 443) to be magically applied to wss:// on port 8090 too. This is not the case. By trying wss:// with port 8090 you are instead trying to do a TLS handshake with a server which does not speak TLS, which then results in net::ERR_SSL_PROTOCOL_ERROR.

The common setup is instead to use a web server like nginx or Apache as reverse proxy for the websocket server and terminate the TLS at the web server. This way both ws:// and wss:// work on the standard ports (i.e. 80 and 443) from outside and the internet plain websocket server on port 8090 is will be made unreachable from outside. See for example NGINX to reverse proxy websockets AND enable SSL (wss://)? or WebSocket through SSL with Apache reverse proxy for how to setup something like this.

Upvotes: 2

Related Questions