Can not open websocket when using https, but normal in http

[GiKyouGetsu]

We try to connect the secure websocket, we can get the policy file and return the correct status when we request 843 port, but we still can not open the webscocket can not received the "onopen" event, and web socket can not establish, but we can connected successful when we connect not secure websocket (http), so what should i do ???

[GiKyouGetsu]

[gimite]

Try Troubleshooting section of README and let me know the result of each step. It is often especially useful to try an environment with native WebWocket support like Chrome.

Just guessing, but maybe the host does not provide a valid certificate matching the host name? Guessing so because I believe you cannot get a valid certificate for host name "localhost". Have you installed a fake certificate manually?

[GiKyouGetsu]

Hi @gimite I install a self-signed certificate which generated by java SDK tool and below is certificate config in my server:

server.ssl.key-store = keystore.p12 server.ssl.key-store-password = password server.ssl.key-store-type = PKCS12 server.ssl.key-alias = selfsigned server.ssl.ciphers = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 server.ssl.enabled-protocols = TLSv1.2

I followed the trouble shooting and still does not work

The socket server I used : javax.websocket.server The web Browser I used : IE8 Compatibility Views The exact message: I just want to connect to web socket but there is no replay in server side, we can not receive the "onopen" message Error message: we did not see any error message, just saw the attached message above [https://github.com/gimite/web-socket-js/issues/182#issuecomment-554241003],

And in addition, It is working when we using Http instead of Https, all is OK when we use http, we can receive the "onopen onmessage" and so on, but Https can not.

[gimite]

As mentioned above, it is often helpful to try it with Chrome to see if it works.

I'm not so sure but I guess self-signed certificate is rejected by default, as browsers do when you access a self-signed HTTPS web site. Did you do anything special to workaround it e.g., installing a corresponding certificate to the client machine?

[GiKyouGetsu]

Hi @gimite we changed the server.ssl.enabled-protocols = TLSv1.2 to TLSv1 and changed some

ciphers and now is working fine, thank you for your help.

[GiKyouGetsu]

Hi @gimite, I find a very strange case, when I connected websocket succefully, after about 1 hour later, the socket will disconnected automatically, and server side can not receive the disconnected event, and I get the message "[websocket closed]" in console from IE, can you help me ?

Below is conslog log :

[gimite]

Maybe something in-between (like a router) disconnected the TCP connection? Disconnection can happen (e.g., the network can be disconnected), and the application should somehow handle it (reconnect automatically, show an error message, etc.).

[GiKyouGetsu]

HI @gimite As I mentioned in last comment form me, I get error code frame.opcode = 1001 ( from your code as attached pic), how can i get this event, where is the event (1001) came from? Flash player or my web socket server? I think it does not come from my web app server, because I did not see the error or other messages from my socket server, does flash player have some configuration or not? Or does it matter if we use flash player version 32? If it is matter, Which version should we use. below is the screen shot form WebSocket.as file:

[gimite]

That looks like a packet sent from the server.

[JayBishop]

@GiKyouGetsu Hey man, How did you set your ciphers ? I have the same issue,and set protocols to TLSv1 but still not work.Please let me know how to set the ciphers ,thanks!

[GiKyouGetsu]

Hi @JayBishop, using ciphers

TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_DES_CBC_SHA is working for me, if you using springboot you config this like this: server.ssl.key-store = keystore.p12 server.ssl.key-store-password = password server.ssl.key-store-type = PKCS12 server.ssl.key-alias = selfsigned server.ssl.ciphers = TLS_RSA_WITH_AES_256_CBC_SHA,TLS_RSA_WITH_3DES_EDE_CBC_SHA,TLS_RSA_WITH_AES_128_CBC_SHA,TLS_RSA_WITH_RC4_128_SHA,TLS_RSA_WITH_RC4_128_MD5,TLS_RSA_WITH_DES_CBC_SHA server.ssl.enabled-protocols = TLSv1