I have a node server (Meteor.js) that should municate with another server using websockets. As the munication is between servers that don't involve direct users, I've chosen to use a self signed certificate.
Where to add the certificate parameters from the node server (which is a client to the other server)
var soc = new WebSocket("wss://localhost:9000")
I've tested connecting in insecure mode with certification and it works fine.
var soc = new WebSocket("ws://localhost:9000")
Connecting from android application in secure mode after adding the certificates to the application works fine too.
I have a node server (Meteor.js) that should municate with another server using websockets. As the munication is between servers that don't involve direct users, I've chosen to use a self signed certificate.
Where to add the certificate parameters from the node server (which is a client to the other server)
var soc = new WebSocket("wss://localhost:9000")
I've tested connecting in insecure mode with certification and it works fine.
var soc = new WebSocket("ws://localhost:9000")
Connecting from android application in secure mode after adding the certificates to the application works fine too.
Share Improve this question edited May 30, 2017 at 9:41 b26 asked May 29, 2017 at 13:17 b26b26 6761 gold badge7 silver badges26 bronze badges 2- The easiest way would be to use NGINX to handle the Secure Connections, you also never need a self-signed cert, use a certificate issued by Let's Encrypt! Here are some guides on NGINX as a reverse Proxy and NGINX with LE: LE and NGINX, Node and NGINX Hope I could help you! – Luca Kiebel Commented May 29, 2017 at 13:45
- Thanks, but If I use a self signed certificate from Let's Encrypt, I won't even need NGINX. – b26 Commented May 30, 2017 at 12:21
2 Answers
Reset to default 15I've found this solution, the part that allows the client to connect to a secure socket with a self-signed certificate is:
"rejectUnauthorized: false"
It accepts all certificates but it still keeps the connection encrypted.
'use strict';
var WebSocket = require('ws');
var soc = new WebSocket("wss://localhost:9000", {
protocolVersion: 8,
origin: 'https://localhost:9000',
rejectUnauthorized: false
});
console.log("launched");
soc.onopen = function (event) {
console.log("Sending message");
soc.send('{}');
};
soc.onmessage = function (event) {
console.log(event.data);
}
soc.on('error', function(event) {
console.log(event);
});Short and simple solution, add below line at top level of file (just after import section).
process.env["NODE_TLS_REJECT_UNAUTHORIZED"] = 0;
But you must be aware that, though data send / received are encrypted, still this is insecure as anybody with self signed root ca certificate can connect to application.