Can't connect to websocket server..
I use the exact same private.key and public.crt that I use with nginx
The cert is self-signed but works fine with the rest of the website over HTTPS via nginx
The websocket server works when using ws:// when the line with http.ListenAndServe() is uncommented
package main
import (
"flag"
"fmt"
"log"
"net/http"
)
const PORT uint = 8000
func main(){
host := parse_flags()
hub := newHub()
go hub.run()
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
serve(hub, w, r)
})
server_host := fmt.Sprintf("%s:%d", host, PORT)
log.Println("Server listening on:", server_host)
err := http.ListenAndServeTLS(server_host, fmt.Sprintf("/var/ini/ssl/%s/public.crt", host), fmt.Sprintf("/var/ini/ssl/%s/private.key", host), nil)
//err := http.ListenAndServe(server_host, nil)
if err != nil {
log.Fatal("ListenAndServe:", err)
}
}
It looks like newest version of Chrome now rejects SHA-1 certs as being insecure. You probably need to move to SHA-2 certs.
I had the same error, but I don't know your urls.
I used https://localhost:port for HTTPS and wss://127.0.0.1:port for WS. So I had to accept the cert for https://localhost and https://127.0.0.1 (only in Chrome).
I was struggling with this issue and many others until I realized I was looking in the wrong place for my key files all together!
First off, the cert and key both need to be .PEM files. I'm using Let's Encrypt, so it was a little easier for me to find the right place (which was /etc/letsencrypt/live/domainName).
If you used a wizard to install your SSL certificate like I did, then you'll need to do a little research on the certificate provider. Just look up where your keys are installed by them and find the .PEM files that seem appropriate for a "cert" and "key".