Getting this webSocket error at site https://yoga.sightica.com/class/ console. Backend Django and deployed in AWS using elastic beanstalk.
Firefox can’t establish a connection to the server at wss://yoga.sightica.com/class/.
main.js:76:16
or in google chrome
main.js:76 WebSocket connection to 'wss://yoga.sightica.com/class/' failed:
(anonymous) # main.js:76
and this is my main.js file line 76
webSocket = new WebSocket(endPoint);
I have configured Django channels and Redis elastic cache using their official docs.
option_settings:
aws:elbv2:listener:80:
DefaultProcess: http
ListenerEnabled: 'true'
Protocol: HTTP
Rules: ws
aws:elbv2:listener:443:
ListenerEnabled: 'true'
Protocol: HTTPS
SSLCertificateArns: <substituted my ARN FROM AWS CERTIFICATES MANAGER>
SSLPolicy: ELBSecurityPolicy-2016-08
Rules: ws
aws:elbv2:listenerrule:ws:
PathPatterns: /ws/*
Process: websocket
Priority: 1
aws:elasticbeanstalk:environment:process:http:
Port: '80'
Protocol: HTTP
aws:elasticbeanstalk:environment:process:websocket:
Port: '5000'
Protocol: HTTP
This is my elastic beanstalk configuration. I need a proper .config file, other config tutorial are not deploying in elastic beanstalk for me.
i have used this Procfile (substituted my path)
web: gunicorn --bind :8000 --workers 3 --threads 2 <your_app>.wsgi:application
websocket: daphne -b 0.0.0.0 -p 5000 <your_app>.asgi:application
I need to get websocket in a HTTPS page, since i need to access webcam.
And the websocket is working in localhost.
( WebSocket() function can be seen here https://developer.mozilla.org/en-US/docs/Web/API/WebSocket )
Related
im very new to nodejs so bare with me
so i have a nodejs server which i use to inject live data to my php/laravel website via socket.io
i run my nodejs server in port 3002 and apache is using port 80
so my node server is running on
http://78.47.222.225:3002
so i noticed clients who use vpn or proxy cant connect to my nodeserver address and websocket connection fails for them
after asking in this question it was suggested its bcuz vpn is fire walling unusual ports
nodejs server doesn't respond when clients use vpn or proxy
so i maped a address to 3002 port , so basically
http://example.com/server ---proxying---> http://78.47.222.225:3002
so now when i go to http://example.com/server i get
Hello World!
which means its working but in my homepage http://example.com when i try to connect to the server via socket.io it fails ... homepage source
<html>
<head>
<script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.3.0/socket.io.js" ></script>
</head>
<body>
<script>
const socket = io.connect("http://example.com/server" , {transports:['websocket']});
socket.on('connect', function () {
console.log('connected!!!') ;
});
</script>
</body>
</html>
not sure why is this happening but in my console i see it trying to connect to this address
WebSocket connection to 'ws://example.com/socket.io/?EIO=3&transport=websocket' failed: Error during WebSocket handshake: Unexpected response code: 301
r.doOpen # index.js:83
but shouldn't it try the example.com/server/socket.io ? considering i gave http://example.com/server to io.connect ?
it works fine when i try connecting via ip:port ... try this address to connect via ip:port instead of proxy address
http://example.com?port=1
const socket = io.connect("http://78.47.222.225:3002" , {transports:['websocket']});
socket.on('connect', function () {
console.log('connected!!!') ;
});
basically
io.connect("http://example.com/server")
tries to connect to
ws://example.com/socket.io
which will fail even tho server works with this address example.com/server ... i think it should connect to ws://example.com/server/socket.io ?
but
io.connect("http://78.47.222.225:3002")
will connect to
ws://78.47.222.225:3002/socket.io
and it works !
proxy setting
<VirtualHost xxx.xxx.xxx.xxx:443 >
.....
.....
<Location /server>
ProxyPass http://localhost:3002/
ProxyPassReverse http://localhost:3002/
</Location>
</VirtualHost>
Your proxy setting indicates a VHost on port 443, which is default port for SSL.
But your requests with bia2roll.com are unsecure (http:// or ws://).
Secure your server by adding SSL (Let's encrypt) and call it with https or wss
or
Unsecure your server by binding on the port 80
There seems to problem with your proxy settings:
You can try this: WebSockets and Apache proxy : how to configure mod_proxy_wstunnel?
I have Web Socket that works perfectly fine on localhost and production (https://www.example.com) environment.
However, when I deploy the same code to pp environment (https://pp.example.com) I get WebSocket handshake: Unexpected response code: 404
I have AWS certificate manager generated certificate for domain example.com, with additional domain name www.example.com and pp.example.com
www.example.com and pp.example.com are sitting on different server so they have different ip addresses.
When I go to www.example.com and make the following call,
let ws = new WebSocket("wss://www.example.com/ws");
It works perfectly fine.web socket is connected.
However, when I switch to pp.example.com and make the following call
let ws = new WebSocket("wss://pp.example.com/ws");
I get error from Safari, Firefox and Chrome:
WebSocket connection to 'wss://pp.example.com/ws' failed: Error during
WebSocket handshake: Unexpected response code: 404
Any ideas?
The code are exactly the same.
They are deployed on aws beanstalk.
production environment is using global accelerator + application load balancer + EC2
pp environment is using classic load balancer + EC2
The problems lies in load balancer's listener.
I was using HTTPS for traffic forwarding, while web socket works on TCP level, therefore, it should be SSL TCP instead.
See the attached screenshot at the following for load balancer
I have an application which is using PeerJS for video streaming, and I'm using a node based Peer Server running on an Ubuntu Server instance, over HTTPS (SSL certificates installed on the server).
This is how I instanciate my PeerServer :
var server = PeerServer({
port:55127,
path:'/',
debug:true,
ssl:{
key: fs.readFileSync('/etc/apache2/ssl/mykey.key'),
cert: fs.readFileSync('/etc/apache2/ssl/mycert.crt')
}
});
This is how I create a peer connection :
var peer = new Peer('peerHost',{host: 'myhost.com', port: 55127, path: '/'})
Regarding ports, I have allowed 55127 both in UFW and in the router.
For some strange reason, my peer connections and video streaming are working perfectly in the LAN, but failing over the internet - although sometimes they work, for instance in occasions over a 3G mobile network.
While debugging the Peer connection, I stumbled upon these "errors":
PeerJS: VP9 Codec: null
PeerJS: iceConnectionState is disconnected, closing connections to (...)
No errors on the server side, all these are either on the host or on the client.
This issue is similar to this, this and this.
Does anyone have any idea of what could be wrong and how it could be fixed ?
Thanks in advance.
OK, seems that I was suffering from this issue, where a very common NAT/Firewall scenario, in any home-used router would block the ports that my PeerJS server needed to access, thus inhibiting the broker connection, and not allowing the video to be streamed.
The solution was to use an intermediate TURN server in order to override the NAT settings.
var peer = new Peer({host: 'host.com', port: 55127, path: '/', debug:true, config: {'iceServers': [{ url: 'stun:stun.l.google.com:19302' },{ url: 'turn:numb.viagenie.ca', username: 'username#gmail.com', credential: 'password' }]}});
So I inherited a Nodes.js app which I am running on a Vagrant box.
I have the app binding to "0.0.0.0", and it has its own server.key and certs in the securekey folder.
var https = require('https');
var fs = require('fs');
var ssl_options = {
key: fs.readFileSync('./securekey/server.key'),
cert: fs.readFileSync('./securekey/server.crt'),
ca: fs.readFileSync('./securekey/ca.crt')
};
https.createServer(ssl_options, app).listen(3001, '0.0.0.0');
When I run the app, I expected to be able to access it on my Windows (Vagrant is running on my Windows PC) browser via the URL https://localhost:3001
But I get "Secure Connection Failed" on Mozilla.
I did tried this on Windows pc using Cygwin:
$ openssl s_client -host 127.0.0.1 -port 3001
CONNECTED(00000003)
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 316 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1461923745
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
And
$ curl -v -k 'https://localhost:3001'
* STATE: INIT => CONNECT handle 0x6000574a0; line 1103 (connection #-5000)
* Rebuilt URL to: https://localhost:3001/
* Added connection 0. The cache now contains 1 members
* Trying 127.0.0.1...
* STATE: CONNECT => WAITCONNECT handle 0x6000574a0; line 1156 (connection #0)
* Connected to localhost (127.0.0.1) port 3001 (#0)
* STATE: WAITCONNECT => SENDPROTOCONNECT handle 0x6000574a0; line 1253 (connection #0)
* ALPN, offering h2
* ALPN, offering http/1.1
* Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:#STRENGTH
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: none
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* STATE: SENDPROTOCONNECT => PROTOCONNECT handle 0x6000574a0; line 1267 (connection #0)
* Unknown SSL protocol error in connection to localhost:3001
* Curl_done
* Closing connection 0
* The cache now contains 0 members
curl: (35) Unknown SSL protocol error in connection to localhost:3001
But these commands are returning successful connections when run on the Vagrant vm terminal!
What do I need to do to get my Windows PC/browser to accept the app's certificates so that I can access the app from Mozilla Firefox? Since it already has server.key and certs, surely I do not need to generate my own keys again for the app to use?
EDIT:
Here is my Vagrant file:
Vagrant.configure(2) do |config|
config.vm.box = "centos7"
config.vm.network "forwarded_port", guest: 3000, host: 3000, auto_correct: true
config.vm.network "forwarded_port", guest: 3001, host: 3001, auto_correct: true
end
I've only got the port forwarding configs..the rest are default.
And when the app is running on Vagrant, netstat shows that the port is listening for connection
$ netstat -an | grep 3001
TCP 0.0.0.0:3001 0.0.0.0:0 LISTENING
And when I access https://localhost:3001 on the browser, I see this:
netstat -an | grep 3001
TCP 0.0.0.0:3001 0.0.0.0:0 LISTENING
TCP 127.0.0.1:3001 127.0.0.1:49651 ESTABLISHED
TCP 127.0.0.1:49651 127.0.0.1:3001 ESTABLISHED
Seems like the port connections are fine, but vm is not able to return data.
After much digging around I stumbled upon this comment:
https://unix.stackexchange.com/a/255404
Because I was on CentOS 7, disabling firewalld did the trick for me. I didn't realize the change. In a sense, the note from joelnb to check iptables in his answer comments is the right direction (thanks!). Do check your OS's firewall and try disabling it to see if it helps with the issue. If yes, then you can proceed to configure a rule for the port if you wish.
For CentOS 7, to open a port on firewalld:
centos 7 - open firewall port
I hope this helps somebody.
I suspect that you don't have the port forward setup in your Vagrantfile because I get that exact error if I don't/if nothing is listening on that port. Does your Vagrantfile look like the following? The forwarded_port part is the important bit.
Vagrant.configure(2) do |config|
config.vm.box = "ubuntu/trusty64"
config.vm.network "forwarded_port", guest: 3001, host: 3001
end
Otherwise could you please post your Vagrantfile and I will revise my answer.
I have a WorkerRole configured to start node.exe via the Runtime/EntryPoint/ProgramEntryPoint element in the csdef and have a HttpsIn EndPoint configured for https on port 443 w/ a valid certificate. I'm also setting the PORT environment variable in Runtime/Environment which is used by node to listen on for incoming requests.
When I start the service (either in local dev fabric or in Azure) and try to hit the service I get the following error:
SSL connection error
Unable to make a secure connection to the server. This may be a problem with the server, or it may be requiring a client authentication certificate that you don't have.
Error 107 (net::ERR_SSL_PROTOCOL_ERROR): SSL protocol error.
I have verified that node.exe is indeed started when the service starts, and if I look up the local port in the Compute Emulator, usually something like:
http://localhost:444
I am able to successfully hit node directly with that using my browser. I am also able to hit node through Azure when SSL is not configured.
What am I missing? Thanks!
The issue was that I was using the http module instead of the https module when starting the web server in Node. Works once I started the https server using the ssl certificate.
I was following a guide for SSL w/ Node in a WebRole, which requires a different set up than SSL w/ Node in WorkerRole.