I have Node.JS app running in Elastic Bean Stalk. I have Elastic Load Balancer set up and SSL is set up in that.
I did socket.io in my Node.JS. I had trouble accessing it because of Nginx configurations. I fixed them by using .ebextensions .
Now when i access my socket io using my HTTP URL , it works good and it uses WebSocket protocol itself. But When i use HTTPS, it switches back to polling. How can i fix this?
Is it some configuration I have to do to make it work in HTTPS?
Update : After adding {transports: ['websocket'], upgrade: false} ,its sending only websokcet requests. But still I get error as
WebSocket connection to 'wss://myurl.ca/socket.io/?EIO=3&transport=websocket' failed: WebSocket is closed before the connection is established.
The problem was with certificates.HTTPS certificates were set up for www.myurl.ca .And websocket calls were without www . It was just wss://myurl.ca.
It was a minor mistake.But changing the certificate to myurl.ca solved the issue.
Related
I have an express js client app and an express server app with almost the same istio configuration. Client cannot be accessed through its host URL while the server is working well. Curl client host URL just gives me infinite waiting. And I cannot find any related traffic log in the istio-proxy of client pod. This is very confusing. What could be the possible reason for this problem?
istioctl analyse on live cluster dose not give any helpful information
I am trying to write a c++ websocket server and have browser/chrome clients connect over websockets, for a multiplayer game. The websocket c++ library I'm using atm is websocketpp or websocket++. I wrote an app that allows clients to connect over ws and localhost, but when I add an ip for the address, connections don't occur at all. Now I think I have to use ssl and wss for ip connection? I tried it and there is some connection activity, but then the handshake times out. Could I be experiencing cross-orgin issues, or what, do i need ssl? I am new to websockets. Could the problem be my ssl certs I made with openssl? I can post code, or if you are familiar with a c++ library to do websockets, what is it? Is this even a possible thing to do?
There could be multiple reasons why it won't connect over ip.
The first is port forwarding. On a local network it's not necessary but running a server over a remote network, portforwarding has to be done. You can just run your server then use a simple port checker (there's many websites for them) to see if a connection can be established.
The other reason could be as you said ssl. If you are running your client on a web host, the host may require a connection to be made over ssl/wss for websockets. If your server isn't running a valid ssl certificate then this could prevent the client from connecting to your server. I know for exampe Github pages requires the server to be running wss or valid ssl certificates on the server side in order for a client connection to be established; however, if you use a custom domain name for Github pages then you can disable the need for ssl.
In order to get valid ssl certificates you would need to register a domain for your ip address then either buy certificates or use free certificates from zerossl or other distributors.
Here is a game I have written which connects to a c++ server which I'm running on my own machine with its own domain with valid ssl certificates and the client is running on github pages with a custom domain I have registered.
It's basically multiplayer minesweeper where the objective is to locate the flags rather than avoid them.
I am getting this error, any idea what is causing it? I read somewhere in the forum to change https to http or disconnect from VPN. I tried both, it is still failing.
However, the same collection and environment setup is working fine in my colleagues laptop.
Also, my other collection with different environment works fine.
Error: Client network socket disconnected before secure TLS connection was established
Socket error usually comes when you have proxy issues :
see if your proxy settings are correct
I have same problem.
In my case I add client certificate in Settings->Certificates->Client Certificates
I had same error - in my case the proxy configuration was not supporting HTTPS. So you might just use proxy type HTTP
My application sits behind an elastic application load balancer and nginx server. When trying to connect to socket.io from chrome I receive a WebSocket is closed before the connection is established message and a 400 error.. This does not seem to occur when connecting directly through nginx. Additionally I have found that this error also does not occur when using a firefox browser. Is there a setting I am missing on the load balancer? I have tried sticky sessions/etc.. but that does not seem to resolve the issue.
Th
I ended up figuring this out. After adding the following to my config file it seemed to work consistantly. proxy_set_header Origin "";
I have a Django app which returns a large JSON while calling an API.
The problem is when I'm requesting the data, the data itself is truncated which is crashing the frontend.
I'm using cloud front for DNS and SSL and other feature provided by them for caching and improved performance.
I tried curling the API and got the following error from curl:
curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err
2)
I tried disabling the Cloudflare but didn't work. On my localhost, however, everything works fine.
HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)
Closing connection 0
TLSv1.2 (OUT), TLS alert, Client hello (1): curl: (92) HTTP/2 stream 1 was not closed cleanly: INTERNAL_ERROR (err 2)
The JSON should be fetched entirely without getting chunked.
I got the same error with an application behind an AWS Application Load Balancer, using command:
curl "https://console.aws.example/api/xxx" -b "SESSION=$SESSION"
15:14:30 curl: (92) HTTP/2 stream 1 was not closed cleanly:
PROTOCOL_ERROR (err 1)
I had to force the use of HTTP/1.1 with the argument --http1.1
So the final command is:
curl "https://console.aws.example/api/xxx" -b "SESSION=$SESSION" --http1.1
I had this issue with AWS's Application Load Balancer (ALB). The problem was that I had Apache configured to use http2, but behind an ALB. The ALB supports http2 by default:
Application Load Balancers provide native support for HTTP/2 with HTTPS listeners. You can send up to 128 requests in parallel using one HTTP/2 connection. The load balancer converts these to individual HTTP/1.1 requests and distributes them across the healthy targets in the target group. Because HTTP/2 uses front-end connections more efficiently, you might notice fewer connections between clients and the load balancer. You can’t use the server-push feature of HTTP/2. 1
So, curl was using HTTP/2 to connect with the ALB, which was then converting it into an HTTP/1 request. Apache was adding headers to the response asking the client to Upgrade to HTTP/2, which the ALB just passed back to the client, and curl read it as invalid since it was already using an HTTP/2 connection. I solved the problem by disabling HTTP/2 on my Apache instance. Since it will always be behind an ALB, and the ALB is never going to make use of HTTP/2, then there is no point of having it.
Fix or Remove the Content-Length header in your HTTP request.
I was trying to connect to an AWS Gateway when this issue occurred to me. I was able to get the correct response using POSTMAN but if I copied over the same headers to curl, it would give me this error.
What finally worked for me was removing the Content-Length header as the length of the request in curl wasn't matching the same as it was in POSTMAN.
Since in my case I was only testing the API so this is fine, but I wouldn't suggest removing this header in production. Check to make sure the length is calculated correctly if this is occurring to you in a codebase.
With Nginx, you can experience this error in curl by having two http2 virtual hosts listening on the same server name. Running a check on your nginx config file will throw a warning letting you know that something isn't right. Fixing/removing the duplicate listing fixes this problem.
# nginx -t
nginx: [warn] conflicting server name "example.com" on 0.0.0.0:443, ignored
nginx: [warn] conflicting server name "example.com" on [::]:443, ignored