Socket.io SSL error

Question

I'm trying to secure my web-site

Everything was ok until I've finally installed SSL certificate (from CloudFlare, not a self-signed one)

So the problem is: when I'm opening my site via HTTP - everything works perfectly, but when I'm opening it via https - site is losing connection to the host (it's needed to work)

In console I can see:

socket.io-1.4.5.js:1 GET https://188.226.131.219:8080/socket.io/?EIO=3&transport=polling&t=LlI-URk net::ERR_CONNECTION_CLOSED

If I understood correctly here is a problem with ports. Using HTTP port 80 is ok and using https port 443 has problems. Is there any way to swap ports?

Answer 1

You may try the following:

In the node.js backend, configure socket as:

var fs = require('fs');
var https = require('https');
var app = require('express')();


        var options = {
                key: fs.readFileSync('<.key location>'),
                cert: fs.readFileSync('<.cert location>')
        };
       var server = https.createServer(options, app);

server.listen(443, "0.0.0.0", function(){
        console.log('listening in port', 443);
});

In the client app you need to connect as:

 socket = io.connect(<server_ip>, {
            secure: true
        });

Answer 2

I just want to throw this out there. This was causing me a similar error and might be what you are looking for.

The socket.io examples say to use the ip address to connect your client side script to the server. Something like this:

var socket = io.connect("https://123.45.6.78:443"); 

However, once you add an "A" record for your SSL certificate, you need to use the hostname of the "A" record, not the IP address it is directing to. Like so:

var socket = io.connect("www.mysite.com"); 

Answer 3

It seems like your frontend is on http://188.226.131.219 and you have a WebSocket service on http://188.226.131.219:8080.

You have configured your frontend to use SSL certificate and it is accessible on https://188.226.131.219, but the link to you WebSocket service probably depends on the protocol and host used to load frontend, so if you load it from https://188.226.131.219, then JS in your frontend will try to connect to https://188.226.131.219:8080, but your WebSocket service listens there for HTTP requests, not HTTPS requests.

At first you will need to setup your WebSocket service to use SSL certificate too, but on a different port (e.g. 8443), then you will have to modify your frontend for it to be able to understadn how it was loaded (using HTTP or HTTPS) and figure out correct port for WebSocket service.

Answer 4

I know this is a bit old and answered by @stzoannos but you don't really need to have express installed to get it working.

I got it working like this:

const server = require("https");
const { Server } = require("socket.io");

const io = new Server({
    cors: {
      origin: "*",
    },
  });

  const folder = path.join(__dirname, "ssl");
  const privateKey = fs.readFileSync(
    path.join(folder, "server_key.pem"),
    "utf8"
  );
  const certificate = fs.readFileSync(
    path.join(folder, "server_cert.pem"),
    "utf8"
  );

  const SSL_CONFIG= {
    key: privateKey,
    cert: certificate,
    ca: [certificate],
    requestCert: false,certificate, tested and it works
    rejectUnauthorized: false,
  };

  const WEB_SERVER = server.createServer(SSL_CONFIG);

  WEB_SERVER.listen(1102);
  io.listen(WEB_SERVER);

You need to have .pem files in ssl directory. Please set cors properly as per your requirement.