Category Archives: autobahn

ERR_INSECURE_RESPONSE using Twisted Autobahn Websockets

Good afternoon everyone!

Currently I am getting the following error when attempting to connect to my web app that runs under HTTPS: WebSocket connection to 'wss://localhost:8000/ws' failed: Error in connection establishment: net::ERR_INSECURE_RESPONSE. I am using the same private key and self-signed certificate for the websocket as I am for the httpd server (Apache).

I have configured my httpd.conf file per the following instructions (without optional instructions): How to set up Apache web server on Cent OS. Note that I am using Red Hat, which is very similar to Cent OS.

Here is the main part of my Twisted code that defines and connects the web resources and websocket resource (note TLS is set to True):

if __name__ == '__main__':

    # SSL server context: load server key and certificate
    # We use this for both WS and Web!
    if TLS:
        contextFactory = ssl.DefaultOpenSSLContextFactory('/etc/pki/tls/private/ca.key',
                                                          '/etc/pki/tls/certs/ca.crt')
    factory = WsProtocolFactory()
    factory.protocol = WsProtocol

    ws_resource = WebSocketResource(factory)

    root = Resource()
    root.putChild("", HttpResource())
    root.putChild("login", LoginResource())
    root.putChild("refresh", RefreshResource())
    root.putChild(b"ws", ws_resource)

    site = HttpFactory(root)

    if TLS:
        reactor.listenSSL(8000, site, contextFactory)
    else:
        reactor.listenTCP(8000, site)

    reactor.run()

I tried using ProxyPass in the httpd.conf file, but does not seem to work. Here's a link to the example I tried: Websockets not working with HTTPS in an Apache Proxy .

Any help would be greatly appreciated! Thank you so much.

Brian

Ratchet websocket on different port than 8080

I created a chat system using Ratchet websocket on the server side and autobahn js for the client side.

It is working well on my localhost and amazon ec2 instance. But i'm using a PAAS solution now so the server is already set up and port 8080 is already used.

I tried to use port 443 but it throws a permission denied when i launch ratchet.

Here the answer of the PAAS support (cloudways) :

I would like to inform you that we have a managed web stack and it includes Nginx varnish Memcached MySQL apache. We have designed our web stack in such a way that we get both performance and stability out of it , as we know Nginx is well known for performance and Apache for Stability so we used them both and put varnish in between creating a perfect combination so that all the static content is served by Nginx then it passes Dynamic content to Apache which is cached by Varnish in between so we get stability from back and speed from front.

In our web stack, the Nginx listens on Port 80, Varnish cache server listens on 8080 and Apache listens on 8081, As we have automated and managed web stack, we can not change the Ports configurations. I would suggest you to kindly configure your web socket according to our web stack.

I defined two parameters to be able to change the port on the production server :

ratchet.port: 8080
ratchet.protocol: wss

Therefore on the server side :

$server = IoServer::factory(
    new HttpServer(
        new WsServer(
            new WampServer(
                $chat
            )
        )
    ),
    $port
);

And client side :

var conn = {};
var server = se.siteUrl.replace('https://', se.ratchetProtocol+'://').replace('http://', se.ratchetProtocol+'://'); // Replace https or http by protocol (ws or wss)

console.log('connecting to '+server+':'+se.ratchetPort); // wss://domain.com:8080

// Instantiate Autobahn
conn = new ab.Session(server + ':'+se.ratchetPort, function() { ... }

So what would be the solution? What port could i use? I tried to change port to 1138, 8888, but i'm clearly not sure what i'm doing here. (No errors on server side, but client side is not communicating with ratchet).

Uncaught Autobahn not connected

How to use secure websockets (wss)?

I'm using AutobahnJS and Thruway on my website and everything works fine using a nonencrypted connection:

var connection = new autobahn.Connection({
                                             url: 'ws://www.example.com:9090',
                                             realm: 'restricted_realm'
                                         });

connection.onopen = function (session) {
    alert('yay');
};

connection.open();

However, I am unable to use a secure connection. Changing ws://www.mysite.com:9090 to wss://www.example.com:9090 results in this error in the console:

WebSocket connection to 'wss://www.example.com:9090/' failed: Error in connection establishment: net::ERR_TIMED_OUT

I have an SSL certificate on my server and can access my site via https://www.example.com.

What do I need to do to make secure websockets work?