PrivateChannel Handshake Error

[mehmetgultekin]

Hello,

First of all this is a great plugin thank you.

Public channel works great however i could not manage to get private channels working. It keeps getting error below:

HandshakeException: Handshake error in client (OS Error: CERTIFICATE_VERIFY_FAILED: application verification failure(handshake.cc:393))

channels["private"] ??= client!.privateChannel( "user-USERID", TokenAuthorizationDelegate( authorizationEndpoint: Uri.parse('http://MYLARAVELAPP.com/api/broadcasting/auth'), headers: {'Authorization': "Bearer MYBEARERTOKEN"} ), onAuthFailed: (PusherAuthenticationException error) { print("authfailed $error"); } );

Maybe this is Laravel related problem, i want to ask if anyone has this problem too.

Thank you again.

[kerimamansaryyev]

Hello, I am very glad to see that the plugin is helpful.

Regarding the issue: CERTIFICATE_VERIFY_FAILED is related not to the plugin but to your authentication backend. So here are several workarounds:

1. Does your backend include SSL certificate? If yes - replace 'http' with 'https' in your link.
2. If your backend does not have SSL certificate, I recommend to install some SSL certificate to. your backend and then follow workaround 1.
3. Your SSL certificate may be installed not correctly or corrupted.

[kerimamansaryyev]

Closing the issue due to it is related to the server-side. Try reinstalling your SSL certificate and then replace http scheme to https in your link. Also, please, check the workarounds described in above comment.

[mehmetgultekin]

Thank you fast response.

Even though i used http still got that error. However as you mentioned it's server-side error. I kinda fixed with code below:

Route::middleware('auth:sanctum')->post('/broadcast/auth',function (Request $request) { $pusher = new Pusher\Pusher(env('PUSHER_APP_KEY'), env('PUSHER_APP_SECRET'), env('PUSHER_APP_ID')); return $pusher->socket_auth($request->request->get('channel_name'), $request->request->get('socket_id')); });

It's not a good solution but at least i can get it working.

However on Laravel side if i use PrivateChannel instead of Channel still not working. But i check authorization in routes so it works.

Thank you again.

[kerimamansaryyev]

TokenAuthorizationDelegate makes request to the provided auth API gateway, a.k.a http://mylaravelapp.com/api/broadcasting/auth. The request fails on Network layer (web-server responds that there is a problem with SSL certificate). So all you need is to check SSL certificate you installed for mylaravelapp.com this domain. And use then https scheme -> https://mylaravelapp.com/api/broadcasting/auth'.

[mehmetgultekin]

I will try again for SSL. Thank you.

[kerimamansaryyev]

@mehmetgultekin Did you manage to get it working?

[mehmetgultekin]

@mcfugger yeah. i did it. everything works perfect. i fixed the ssl problem and got it working fine.

"However on Laravel side if i use PrivateChannel instead of Channel still not working. But i check authorization in routes so it works." this is still problem but it is ok. I manually check subscription authorization so even though i broadcast public channel everything works fine.

public function join(User $user)
{
    return Auth::check() && Auth::id() === $user->id;
}

Great package thank you again ^^

[YassineChe]

@mcfugger I don't think the problem at authentification itself Because the error aise in the connection in the first place .connect() before subscribing any event

I/flutter (25227): WebSocketChannelException: WebSocketChannelException: HandshakeException: Handshake error in client (OS Error:
I/flutter (25227):  CERTIFICATE_VERIFY_FAILED: unable to get local issuer certificate(handshake.cc:393))

For me i'm using Laravel websockets from beyondcode and i'm getting the same error, Knowing that it's work fine with my web/front-end using wss over https

Can you please guide us!

EDIT: While submitting this comment i test it on IOS, and it's work fine.. (NOT WORKING IN ANDROID)

[YassineChe]

Fixed!

For android you need to register your SSL certificate!

main.dart :

//? Register a cert
ByteData data = await PlatformAssetBundle().load(
    'assets/certs/ca.crt',
);
SecurityContext.defaultContext.setTrustedCertificatesBytes(
    data.buffer.asUint8List(),
);

And it's works successfully 😍

@mcfugger, Thanks for this great library, and please keep it up-to-date 🙏🏻👌🏻

[kerimamansaryyev]

Thank you guys, it motivates me 😃😃😃 @mehmetgultekin @YassineChe