1

My Websocket WS works fine.But When I use WSS , it fails with below error.

WebSocket connection to 'wss://mywebsocket.ca/' failed: Error in connection establishment: net::ERR_INSECURE_RESPONSE It feels some SSL issue. I have my certificates configured properly and all other url through this ELB works fine. my Ws curl works good.

What could be the issue? Could it be the listerner configuraiton of ELB for HTTPS is not done properly.

I am just using some chrome extensions to connect Websocket.No code here.

Janier
  • 3,982
  • 9
  • 43
  • 96

1 Answers1

1

This took me a while to figure out. I hope I haven't forgotten anything in the answer below as it was a while ago I did it.

First of all you need to bypass CloudFront as it doesn't run well with websockets (unless something has changed recently). Setup an A alias Route 53 record pointing to your load balancer (i.e. websockets.domain.com).

Setup a listener for your port in your in your load balancer (i.e. 5678). Note that you should use SSL (Secure TCP) protocol. You also need a SSL certificate to your listener. Use ACM for this, it gives you the option there.

enter image description here

Remember to change your websockets connection to use this new connection as well.

Gustaf
  • 1,299
  • 8
  • 16
  • I have cloudfront which points to my S3 bucket where websocket client is written..Does this mean it wont work ? – Janier Dec 05 '17 at 02:19
  • I don't understand how your architecture looks like now. You say that you have an ELB? Behind an ELB you have EC2 instances and that is what the answer is to. I am pretty sure you need CloudFront to be able to use an SSL certificate for an S3-bucket, which that means that it wouldn't work. – Gustaf Dec 05 '17 at 02:32
  • ELB has Websocket server.And S3 has websocket angular client. S3 has cloudfront in front of it to support SSL.. So S3 talks to ELB. So it wont work? – Janier Dec 05 '17 at 02:44
  • Alright ok. If the websocket server is behind the ELB it should work. Just make sure your client use wss://websocket.domain.com when connecting. – Gustaf Dec 05 '17 at 04:45
  • My WSS is not still working.It gives Error in connection establishment: net::ERR_INSECURE_RESPONSE – Janier Dec 07 '17 at 20:10
  • I went through our setup again and if you follow the steps your websocket running in Elastic Beanstalk should work. I can't see it matter where your client runs. The only thing I can think of is that you still would be connecting on port 80 and not the port designated for secure connection. Test it by closing port 80 and try to connect with your client. – Gustaf Dec 12 '17 at 03:46
  • It was a problem with my certificates...it had nothing to do with websockets – Janier Dec 12 '17 at 07:03