search

beyondcode / laravel-websockets

Websockets for Laravel. Done right.
https://beyondco.de/docs/laravel-websockets
MIT License
5.07k stars 613 forks source link

How to enable SSL on Laravel websockets if deployed to test server/production (SSL is handled by AWS Certificate Manager) #1055

Closed kpebron closed 7 months ago

kpebron commented 1 year ago

Running with:

CentOs 7
PHP 7.4
Laravel 8.x
Beyond Code Laravel Websockets 1.13
Pusher PHP Server 3.0
Apache 2.2

I used Laravel websockets and working in localhost with a self signed certificate to enable SSL. Below is the code that is used in websockets.php

    'ssl' => [
        'local_cert' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_CERT', null),
        'local_pk' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_PK', null),

Now I deployed laravel websockets code to my test server. Everything except the SSL Cert and Private Key. I was not the one who enabled the SSL in the test server. I was told that SSL is being handled by AWS Certificate Manager. Meaning there is no Certificate and Private Key file in the server(I think). How should I proceed with the installation? I got error message WebSocket connection to 'wss://domain.name:6001/app/PUSHER_APP_KEY?protocol=7&client=js&version=7.4.0&flash=false' failed: WebSocket is closed before the connection is established.

Port number enabled in server image

[program:laravel-queue]
command=php /var/www/html/publicfolder/core/artisan queue:work --sleep=3 --tries=3 
process_name=%(program_name)s 
numprocs=1      
autostart=true  
autorestart=true  
startsecs=10    
startretries=3       
user=ec2-user
redirect_stderr=true      
stdout_logfile=/var/www/html/publicfolder/core/laravel-queue.log 

[program:laravel-websockets]
<!-- command=php /var/www/html/publicfolder/core/artisan websockets:serve -->
command=php /var/www/html/publicfolder/core/artisan websockets:serve --host=127.0.0.1
process_name=%(program_name)s 
numprocs=1      
autostart=true  
autorestart=true  
startsecs=10    
startretries=3       
user=ec2-user
redirect_stderr=true      
stdout_logfile=/var/www/html/publicfolder/core/laravel-websockets.log

When running the supervisord, I can see on the logs that websockets is running on port 6001 and queues are also being logged when running the events in tinker

gabriel-sousa99 commented 1 year ago

I'm facing the same issue, the solution was set proper permission to my certificates and putting their path on env. After that i configure the websockets start command with sudo and voilá, problem solved image

kpebron commented 1 year ago

I don't have certificates in my ec2 instance since we are using aws certificate

HilalLko commented 1 year ago

@kpebron To use SSL handled by AWS Certificate Manager, you can simply Go to "Certificate Manager" on your AWS console. Select your desired certificate Copy the ARN provided.

And then you can use copied ARN in your config/websockets.php

...
...
'ssl' => [
...
'local_cert' => <copied ARN here>,
]

Better if you set ARN in env and use value from .env inside websockets.php.