hoaproject / Websocket

The Hoa\Websocket library.
https://hoa-project.net/

TLS Support #77

Open Pierozi opened 8 years ago

Pierozi commented 8 years ago

The TLS support of WebSocket is partially working. The enableEncryption method was forgotten on the server side.

I've opened a PR with a demo on my fork to try to make it work (certificate included). Once enableEncryption is fixed, the PHP client works, but not a web browser.

https://github.com/Pierozi/Websocket/pull/1/files#diff-5a72b4fa5efc1217f53f085c8580c79eR94

Maybe this is due to my certificate, which is self-signed; it works great with the PHP client because I've set a context that allows self-signed certificates and does not verify the peer.

If anyone has time to test it with a real certificate, that would be good.

Pierozi commented 8 years ago

@Hywan the next step is to run real tests with other clients. Yesterday I tried with the Go client Gorilla, but TLS support is not easy to enable.

Browser clients like Chrome still don't work, but I have only tested with a self-signed TLS certificate. If anyone knows how to reproduce this context in a JavaScript client, please leave a comment.

Hywan commented 8 years ago

@Pierozi Why not have a self-signed certificate for both the client and the server and test with Hoa\Websocket\Client and Hoa\Websocket\Server? Where is the issue with this strategy?

Pierozi commented 8 years ago

Huh? Both? It's the web standard: the SSL handshake is one-way, with a server-side certificate. My patch fixes the TLS issue to let Hoa\WebSocket\Client work with Hoa\WebSocket\Server.

Now we need to make it compatible with other clients, and maybe it is not a Hoa issue. You see, if you set up the server with encryption, the client cannot work with the proper settings, because it's the client's responsibility to allow self-signed certificates and not verify the host. Those are the HTTPS rules.

rokha commented 7 years ago

Hi @Pierozi and @Hywan, I used this library in my PHP+Angular application and got an SSL certificate from Let's Encrypt. Post that I couldn't connect to the server as it would fail authentication. @Pierozi my client was in JS and I tested from Chrome and Mozilla while the server is LAMP with Laravel. Eventually, I switched back to http. I was wondering if you guys had a chance to peek under the hood again.

Since I am new to websockets, I couldn't come up with a solution. Let me know if I can help.

Pierozi commented 7 years ago

@rokha thanks for your feedback. The issue is clearly related to our implementation of Hoa\Http beside Hoa\WebSocket: the SSL handshake fails.

Let's Encrypt is a good candidate for our test; I will try to update my POC today with it and let you know.

Btw, don't you know of a WebSocket client supporting TLS?

rokha commented 7 years ago

@Pierozi Initially I tested with a Chrome extension I found. I tested Hoa\WebSocket for ws only. Later when my application started to work as expected, I switched ws to wss and it didn't. I hope this is what you were looking for.

Pierozi commented 7 years ago

Hello @rokha, after some research it seems no one really cares about direct TLS encryption of a WebSocket server, because in a real use case you will certainly have a load balancer or proxy web server like Nginx that will handle the encryption and forward the WebSocket into your private network.
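
The deployment described in the comment above, sketched as an Nginx configuration. This is an added example, not part of the thread or of the Hoa project; the hostname, certificate paths and backend port 8889 are placeholders, and it assumes the WebSocket server listens on plain ws:// on the loopback interface.

```nginx
# Added example: hostname, paths and port are placeholders, not from the thread.
# Place inside the http { } block.

# Send "Connection: upgrade" upstream only when the client requested an upgrade.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 443 ssl;
    server_name ws.example.test;                         # placeholder hostname

    # Serve the full chain (leaf + intermediates); clients that lack the
    # intermediates can otherwise fail certificate verification.
    ssl_certificate     /etc/ssl/example/fullchain.pem;  # placeholder path
    ssl_certificate_key /etc/ssl/example/privkey.pem;    # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # Plain ws:// backend bound to loopback only (assumed port), so the
        # unencrypted hop never leaves the host.
        proxy_pass http://127.0.0.1:8889;

        # The WebSocket handshake needs HTTP/1.1 and the hop-by-hop
        # Upgrade/Connection headers forwarded explicitly.
        proxy_http_version 1.1;
        proxy_set_header Upgrade    $http_upgrade;
        proxy_set_header Connection $connection_upgrade;
        proxy_set_header Host       $host;

        # Let the backend see the original client address and scheme.
        proxy_set_header X-Forwarded-For   $remote_addr;
        proxy_set_header X-Forwarded-Proto $scheme;

        # The default 60s read timeout would close idle WebSocket connections.
        proxy_read_timeout 1h;
        proxy_send_timeout 1h;
    }
}
```

With this layout, browsers connect to wss://ws.example.test/ and validate the certificate Nginx presents, so no client needs a self-signed or verify-peer exception.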

Hywan commented 7 years ago

ping? https://github.com/hoaproject/Websocket/pull/78 has been merged. Can we close this one?

Pierozi commented 7 years ago

Encryption works between our Client and Server, but not with an HTTPS client.

Hywan commented 7 years ago

@Pierozi What should we do to get it to work?