Closed tmeasday closed 10 years ago
I think the issue is the certificate meteor.com uses (and therefore atmosphere.com uses) is not one of those 100% root CA's (AddTrust). I also got the same, its advertised as 99.3%. There are cases openssl won't have this root CA. I ran into this too. If you check out the socket error response it gives something like UNABLE_TO_VERIFY_LEAF_SIGNATURE
. On meteorite
it just freezes doing nothing because there's no event attached to socket-error.
If that new option, use_ssl_strict
is set to false
it shouldn't do this anymore. Hopefully this would close this issue. The other option would be to add in the root ca manually.
We had this issue as well, for connecting to our servers. The ultimate problem was that while we had installed the SSL cert, we had not correctly chained them with the intermediate certs. After fixing that, the problem went away (and our server did https more correctly, which solved other bugs!). Node 0.8.x did not check for these issues, which is why it worked in that case. Useful tools in debugging this were the site https://www.ssllabs.com/ssltest/analyze.html , and the openssl command line tool:
openssl s_client -showcerts -connect YOUR.SERVER.COM:443
It looks like there are no current chain issues, tho -- does this bug still occur? If so, maybe it's another misconfiguration?
With the switch to faye-websockets
we lost the use_ssl_strict
option. Anyone still having this issue can open a new issue, but I'm closing this as it's had no love recently.
I'm opening this here as I'm about to switch Meteorite / Atmosphere to port 80 / no SSL.
Probably not really ideal but there are too many people with problems right now.
It'd be good figure out what the true issue is. I guess it's a problem with either ws or node itself.
When I have a free moment I'll come back and make a reproducible test case.