3

i'm trying to connect to my Socket.IO server on Node.JS from a PHP webpage.

I've created a self-signed certificate using the command:

openssl req -newkey rsa:2048 -nodes -keyout self.key -x509 -days 365 -out self.crt

And then, i created a HTTPS server in Node.JS

                  require("dotenv").config();
const express   = require("express");
const consign   = require("consign");
const app       = express();
const http      = require("http").createServer(app);
const https     = require("https");
const fs        = require("fs");
const server = https.createServer({
    key: fs.readFileSync("./config/ssl/self.key", "utf8").toString(),
    cert: fs.readFileSync("./config/ssl/self.crt", "utf8").toString(),
    rejectUnauthorized: false
}, app);
const io        = require("socket.io")(server.listen(4000), {cors: true, origins: ["*"], rejectUnauthorized: false});
const cors      = require("cors");

app.use(cors());
app.use(express.json());
app.use(express.urlencoded({ extended: false }));

io.on("connection", (socket) => {
    let logger = app.app.models.logger;
    logger.log(logger.logType.Debug, "Server", `New socket client connected ${socket.id}`);

    socket.on("disconnect", () => {
        logger.log(logger.logType.Debug, "Server", `Socket client disconnected ${socket.id}`);
    });
});

consign()
        .include("./app/routes")
        .then("./app/models")
        .into(app, io);

module.exports = app;

But, when i try to connect with Socket.IO from my web client, it throws a net::ERR_CERT_AUTHORITY_INVALID error in console

const socket = io("https://localhost:4000", {"reconnectionAttempts": 5, "secure": true});
João Pedro
  • 115
  • 1
  • 12
  • Bad SSL, did you set it up for localhost, and port 4000? Maybe try everything on port 443. – BGPHiJACK Mar 26 '21 at 18:48
  • @blanknamefornow i've tried this before, but the same error throw on browser console – João Pedro Mar 26 '21 at 20:44
  • What browser are you using? Most browsers won't accept self-signed SSL certs, you generally need to explicitly enable support. [Read more](https://stackoverflow.com/questions/7580508/getting-chrome-to-accept-self-signed-localhost-certificate). – superhawk610 Mar 26 '21 at 22:33
  • @superhawk610 I'm using Google Chrome, may i force him to accept my own self signed certificate? – João Pedro Mar 29 '21 at 13:28
  • Check the link I posted in my previous comment - in general, browsers won't accept SSL certificates over localhost, you'll need to enable a browser flag. In general, you shouldn't need to use HTTPS on localhost, just use HTTP instead. Once you've deployed your application and can access it via a [FQDN](https://en.wikipedia.org/wiki/Fully_qualified_domain_name), you can use a trusted certificate authority like [LetsEncrypt](https://letsencrypt.org/) to generate a valid SSL certificate that all browsers will accept, no further browser configuration required. – superhawk610 Mar 29 '21 at 16:07
  • @superhawk610 Thanks! – João Pedro Mar 30 '21 at 22:25

0 Answers0