Websocket with wss error

[leonchaves]

I managed to make the helloworld with tls work using node.js (server is qpid broker 7.0.6). Now I am trying the websockets version, but firefox is not able to connect.

The only lines I changed from https://github.com/amqp/rhea/blob/master/examples/websockets/client.html were:

var server = "wss://localhost:5672"; // i changed qpid broker to listen on wss port 5672

and

client.options.username = 'username'; client.options.password = 'password'; // same username and password that worked with helloworld with node.js

(if I don't use username and password with ssl [=> wss], I get another known error: https://github.com/amqp/rhea/issues/159)

Maybe I should adjust the connection parameters from

var connection = client.connect({"connection_details":ws(server, ["binary", "AMQPWSB10", "amqp"]), "reconnect":false});

But I don't know what to place there.

Can anybody help me?

Thanks.

[grs]

What error(s) are you seeing? When connecting to the broker with the example that worked, did you use TLS? If so what options did you specify there?

[leonchaves]

The error in web console is:

Firefox can’t establish a connection to the server at wss://localhost:5672/. rhea.js:4871:32 [connection-1] disconnected [object Event] rhea.js:553:13

Yes, I used tls. When using helloworld.js and node I had:

container.options.username = 'username'; container.options.password = 'password'; container.connect( {port: args.port, host: args.host, transport:'tls', ca: [ fs.readFileSync(path.resolve(__dirname,'my_keystore.pem')) ] } );

And it worked.

When I set qpid broker to wss and try the modified client.html I get the error above.

[grs]

I suspect the issue may be that firefox does not trust the servers certificate, whereas the node examples does because you specified the ca to use to verify it.

[leonchaves]

I tried to import the self-signed certificate (the same that works with tls with helloworld.js) into firefox but I couldn't make it. View certificates -> authorities -> import gives no error message, but does not seem to import it. Any suggestions?

[leonchaves]

Are you aware that some posts refer to some "corrections" in rhea.js to make it work in the browser?

This is one of them: https://medium.com/@xaviergeerinck/getting-amqp-to-work-in-your-browser-857a271b5807

[grs]

The library is already quite extensively used in browserified form. The change referred to there, adding ArrayBuffer to the type sensing may be convenient for some payloads but is not related to your issue.

[leonchaves]

Ok. So how do I make it work? For development purposes the self signed certificate should work somehow. If I don't use wss, but ws I get the other error from issue #159

How can I solve this?

[grs]

To use TLS from a browser you need to import the CA cert to trust as an authority (not sure what is happening in your browser with that but it should work).

[leonchaves]

How may I not use tls (ws instead of wss) and still connect to my amqp broker from the browser?

[grs]

Since you are using qpid java server, you would need to configure that to accept PLAIN over non TLS connections or allow ANONYMOUS access.