1

I have a Laravel-Websockets server running on IIS 10. When I run the website from http://example.com/, then Laravel-Echo sends the websocket ping using ws:// and not wss:// and everything is working - connection via websocket is successfull.

But when I run my website from https, then Laravel Echo forces wss:// (And I guess I can't use ws while running https.

So I then added the following to the code:

  1. The PEM certificate path in the .env file:

    LARAVEL_WEBSOCKET_LOCAL_CERT="D:\certs\cert.pem"

And in the websocket.php config file:

'local_cert' => env('LARAVEL_WEBSOCKET_LOCAL_CERT', null),

I also edited the broadcasting.php config file to use https and change some curl option as seen in the docs:

'pusher' => [
    'driver' => 'pusher',
    'key' => env('PUSHER_APP_KEY'),
    'secret' => env('PUSHER_APP_SECRET'),
    'app_id' => env('PUSHER_APP_ID'),
    'options' => [
        'cluster' => env('PUSHER_APP_CLUSTER'),
        'host' => '127.0.0.1',
        'port' => 6001,
        'scheme' => 'https',
        'curl_options' => [
            CURLOPT_SSL_VERIFYHOST => 0,
            CURLOPT_SSL_VERIFYPEER => 0,
        ]
    ],
],

And lastly in the frontend I changed the Echo settings to use wss with wss port key:

window.Echo = new Echo({
    broadcaster: 'pusher',
    key: 'your-pusher-key',
    wsHost: window.location.hostname,
    wsPort: 6001,
    wssPort: 6001,
    disableStats: true,
});

But now whenever I try to connect to wss instead of ws, it says (pending) then Finished and it's N/A in the devtools.

And I can't debug because there are no errors that tell why the connection fails

And again, when I change the address back to http:// and it tries to connect via ws://, it works and the connection is successful

So what can it be? Perhaps the .pem file is not right?

Edit:

I am using the same certificate used for the https connection - is it correct? Or I need a dedicated certificate specifically for the wss connection? (And then ask from the devops team to create one for me)?

The problem is, that I got the certificate as a .pfx file and I used OpenSSL to extract the.p7b file (#PKCS7 certificate) and convert it to a .pem file, and this is what I'm using for the PEM path.

But I'm not sure if it's working or whether it's the problem at all because I can't debug that.

The .pem file contents now looks like:

-----BEGIN PKCS7-----
[..long string..]
-----END PKCS7-----

But the URLs are different - The client connects from mysite-websockets.com and the client is mysite.com (for example), and I am using the SSL certificate of mysite-websockets.com (so maybe cross-origin issue?)

pileup
  • 1
  • 2
  • 18
  • 45

0 Answers0