Socket.io client API documentation suggests that the client should pass the self-signed certificate in the connection request to the server:

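// client-side
const fs = require("fs");
// ca: the server's self-signed certificate; rejectUnauthorized: false turns certificate verification off
const socket = io({ ca: fs.readFileSync('server-cert.pem'), rejectUnauthorized: false });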

This works great in a node environment.

How to make this work in a BROWSER JavaScript app? I am facing two issues:

  1. How can I include the certificate file in the browser app? readFileSync cannot find the file.
  2. If I only include rejectUnauthorized: false in the options, it works fine for node, but still doesn't work in the browser (Firefox, Chrome).

I have tried everything, such as the below, but nothing is working:

https.globalAgent.options.rejectUnauthorized = false;
process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';

Is my only option to get a properly signed certificate?

Dhoop

1 Answer

Not sure exactly what happened, but it's working from Chrome now. To summarize, here's what I had to do:

Create self-signed certificates and trust them.

Run the node-based socket.io server using these certificates (code snippet below). Make sure your cert applies to the specified 'url'.

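const https = require("https");
const Io = require("socket.io");
// myCerts: the options object (key and cert) passed to https.createServer
const httpsServer = https.createServer(myCerts, expressApp);
// 'url' stands for the host name the server listens on; the certificate must cover it
httpsServer.listen(port, 'url', () => console.log(`listening on HTTPS port ${port}!`));
const io = new Io(httpsServer);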

In the node client, I can pass the certificate along with the connection request:

// node client
const fs = require("fs");
const io = require("socket.io-client");
const socket = io({ ca: fs.readFileSync('server-cert.pem'), rejectUnauthorized: false });

In the browser client, I only need to specify rejectUnauthorized: false in the options:

// browser client
const io = require("socket.io-client");
const socket = io({ rejectUnauthorized: false });

Dhoop
  • Using `rejectUnauthorized: false` is a severe security risk. You shouldn't use it in production. – Caius Nov 16 '22 at 01:28
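
Following up on the comment above, a small pre-deployment check that flags the three verification switches used in this thread (the `rejectUnauthorized: false` option, the global agent override, and the `NODE_TLS_REJECT_UNAUTHORIZED` variable). This is an added example, not code from the question, the answer or the Socket.IO project; the rule ids, the `scanSource` helper and the `SAMPLE` text are constructed for illustration.

```javascript
// Added example: flag the TLS-verification switches that appear on this page.
// Rule ids, scanSource and SAMPLE are hypothetical names made up for this sketch.
const RULES = [
  // Process-wide: affects requests made through the default https agent.
  { id: "global-agent", re: /globalAgent\.options\.rejectUnauthorized\s*=\s*(false|0)\b/ },
  // Process-wide: disables certificate validation for TLS connections in Node.js.
  { id: "process-env", re: /NODE_TLS_REJECT_UNAUTHORIZED\b[^=\n]*=\s*['"]?0\b/ },
  // Single connection: an options object such as io({...}).
  { id: "per-connection", re: /\brejectUnauthorized\s*:\s*(false|0)\b/ },
];

function scanSource(source, file = "<input>") {
  const findings = [];
  source.split(/\r?\n/).forEach((text, i) => {
    const line = text.trim();
    if (line.startsWith("//")) return; // skip commented-out lines (heuristic)
    const rule = RULES.find((r) => r.re.test(line));
    if (!rule) return;
    findings.push({
      file,
      line: i + 1,
      rule: rule.id,
      // A `ca` given on the same line is not enforced while verification is off.
      caNotEnforced: rule.id === "per-connection" && /\bca\s*:/.test(line),
      text: line,
    });
  });
  return findings;
}

// Constructed sample input built from the snippets in this thread.
const SAMPLE = [
  "const socket = io({ca: fs.readFileSync('server-cert.pem'),rejectUnauthorized: false});",
  "https.globalAgent.options.rejectUnauthorized = false;",
  "process.env.NODE_TLS_REJECT_UNAUTHORIZED = '0';",
  "// rejectUnauthorized: false",
  "const pinned = io({ca: fs.readFileSync('server-cert.pem')});",
].join("\n");

for (const hit of scanSource(SAMPLE, "sample.js")) {
  const note = hit.caNotEnforced ? " (ca present but not enforced)" : "";
  console.log(`${hit.file}:${hit.line} [${hit.rule}]${note} ${hit.text}`);
}
```

The last sample line, which passes only `ca` and leaves verification on, produces no finding.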