522 error

[sajjadnasiribrn]

hi. im using wstunnel + cloudflare with ssl. why im getting this error:

failed to do websocket handshake with the server

2024-01-14T19:15:26.306680Z ERROR tunnel{id="018d0962-9c79-7f> Jan 14 19:15:26 wstunnel[4073]: Caused by: Jan 14 19:15:26 wstunnel[4073]: Invalid status code: 522 Jan 14 19:15:29 wstunnel[4073]: 2024-01-14T19:15:29.044866Z ERROR tunnel{id="018d0963-c134-75> Jan 14 19:15:29 wstunnel[4073]: Caused by: Jan 14 19:15:29 wstunnel[4073]: Invalid status code: 522 Jan 14 19:15:30 wstunnel[4073]: 2024-01-14T19:15:30.093408Z ERROR tunnel{id="018d0962-d2ee-76> Jan 14 19:15:30 wstunnel[4073]: Caused by: Jan 14 19:15:30 wstunnel[4073]: Invalid status code: 522

[erebe]

Like that I can't tell you much, http 522 means a timeout. Which would mean Cloudflare don't manage to contact your server. Try with a simple curl, to see if your server receives new connection from yoy through Cloudflare

[sajjadnasiribrn]

Recently, I've encountered an issue with Cloudflare on version 9. However, it used to work fine before. Currently, it's working with version 5, but for the past few days, I've been getting 400 and 522 errors with version 9. I need to use Cloudflare because otherwise, the firewall quickly filters my IP.

[erebe]

Like that, I can't tell you. I would need to test with Cloudflare to see. Will try to check when I have a bit more time on hand.

[sajjadnasiribrn]

thanks a lot.

[erebe]

I tried with cloudflare this morning, and I haven't got any issues. I started wstunnel server wss://[::]:443

On cloudflare, I just made sure to enable full encryption

with my domain proxied

be sure to have websocket enabled in the network tab

after that, I was able to start wstunnel client with

wstunnel client -L 'tcp://xxx' wss://my.domain.com traffic was ok

[sajjadnasiribrn]

hi. Thank you for your kindness. I used Cloudflare with an Origin Certificate, and I had also saved and used these certificates in the server wstunnel setting (with --tls-certificate and --tls-private-key flags).