node.js - iOS Safari fails to connect to secure websocket, but works on desktop -


i have node.js https server using non-self-signed certificates. believe godaddy, not sure though. employer provided me key , cert files.

server:

var fs = require('fs')   , server = require('https').createserver({       key: fs.readfilesync( __dirname + "/key.pem" ),       cert: fs.readfilesync(__dirname + "/cert.pem" )     })   , websocketserver = require('ws').server   , websocketserver = new websocketserver({       server: server,     })   , port = 8080;  server.listen(port, function(){ console.log('listening on ' + server.address().port) }); 

client:

var websocket = new websocket('wss://my.website.com:8080'); 

this code works expected on desktop chrome, safari, , firefox. client able connect the secure websocket. however, trying on ios 9.3.1 safari gives me following error:

the operation couldn't completed.(osstatus error -9807.)

osstatus showed me caused invalid certificate chain. unfortunately, here knowledge of ssl begins fade. after additional googling, tried multiple combinations of following options accepted https.createserver():

secureprotocol: "sslv3_method", rejectunauthorized: false, ciphers: 'ecdhe-rsa-aes256-sha:aes256-sha:rc4-sha:rc4:high:!md5:!anull:!edh:!aesgcm', honorcipherorder: true, requestcert: false 

none of them have worked far. have seen ca option (certificate authority) not not know find file, examples online suggest used self-signed certs?

any appreciated, thanks!

somehow putting nginx in front of node app seemed fix issue. able following configuration working pretty (taken this tutorial):

server {      listen 443;     server_name *.website.com;     ssl    on;     ssl_certificate    /etc/ssl/cert.pem;     ssl_certificate_key    /etc/ssl/key.pem;      location / {         proxy_pass https://pr.iv.ate.ip:8080;         proxy_http_version 1.1;         proxy_set_header upgrade $http_upgrade;         proxy_set_header connection 'upgrade';         proxy_set_header host $host;         proxy_cache_bypass $http_upgrade;     } } 

still big ¯\_(ツ)_/¯ why doesn't work node, again knowledge of ssl (and server configuration in general) still limited.


Comments

Popular posts from this blog

java - nested exception is org.hibernate.exception.SQLGrammarException: could not extract ResultSet Hibernate+SpringMVC -

sql - Postgresql tables exists, but getting "relation does not exist" when querying -

asp.net mvc - breakpoint on javascript in CSHTML? -