Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

ECONNRESET with SSL client certificate

See original GitHub issue

Hi.

I’m trying to connect a client websocket to an express server + socket.io. The server is HTTPS (self signed certificate — even if I know it’s not supposed to work everywhere).

Here is how I create the server :

...
const app = express();
const server = https.createServer({
    key               : fs.readFileSync(key),
    cert              : fs.readFileSync(cert),
    ca                : fs.readFileSync(ca),
    requestCert       : true,
    rejectUnauthorized: false
}, app);
app.locals.server = server;

server.listen(config.port, () => ...);

app.locals.io = socketio(app.locals.server, {
    transports: ['websocket']
});
app.locals.io.on('connection', socket => {
    ...
});

Here is how my test looks like :

import io from 'socket.io-client';

describe('...', () => {
    it('...', done => {
        // Also tried with https, ws
        let client = io.connect('wss://localhost:3006/', {
            transports        : ['websocket'],
            secure            : true, // Tried this or not
            rejectUnauthorized: false, // Tried this or not
            verify            : false // Tried this or not
        });
        client.on('connect', () => done());
        client.on('connect_error', err => {
            console.log(err);
        });
    });
});

I disabled HTTP polling willingly (as it was interfering with my REST API

Edit : The error is :

{ [Error: websocket error]
  type: 'TransportError',
  description: 
   { [Error: socket hang up]
     code: 'ECONNRESET',
     type: 'error',
     target: 
      WebSocket {
        domain: null,
        _events: [Object],
        _eventsCount: 4,
        _maxListeners: undefined,
        _socket: null,
        _ultron: null,
        _closeReceived: false,
        bytesReceived: 0,
        readyState: 0,
        supports: [Object],
        extensions: {},
        _isServer: false,
        url: 'wss://localhost:3006/socket.io/?EIO=3&transport=websocket',
        protocolVersion: 13,
        binaryType: 'buffer' } } }

Thanks 😃

Issue Analytics

State:
Created 8 years ago
Comments:6 (1 by maintainers)

Top GitHub Comments

3reactions

PymZoRcommented, Jul 4, 2016

The RejectUnauthorized param must be set on the https agent.

This snippet works great for a self-signed https server :

// server.js
import express from 'express';
import https   from 'https';
import sio     from 'socket.io';
import fs      from 'fs';

const key  = fs.readFileSync('./ssl/test/server.key');
const cert = fs.readFileSync('./ssl/test/server.crt');
const ca   = fs.readFileSync('./ssl/test/ca.crt');
const opts = { key, cert, ca };

const app    = express();
const server = https.createServer(opts, app);
const io     = sio.listen(server);

server.listen(3006);

io.on('connection',  socket => {
    console.log('[OK] New connection');
});

For the client :

// client.js
import io    from 'socket.io-client';
import https from 'https';

https.globalAgent.options.rejectUnauthorized = false;
const socket = io.connect('https://localhost:3006/', { agent: https.globalAgent });

socket.on('connect', function() {
    console.log('[OK] Client connected');
});

Hope this helps 🚀

0reactions

pmidalwancommented, Aug 10, 2018

@darrachequesne Hi… I modifyed the code as below and it compiled for me.

var fs = require(‘fs’); var io =require(‘/usr/lib/node_modules/npm/node_modules/socket.io/node_modules/socket.io-client’); var https= require(‘https’);

const socket = io.connect(‘https://localhost:3000/’, {rejectUnauthorized: true, ca: fs.readFileSync(‘/mnt/readerconfig/ssl/server.crt’) });

socket.on(‘connect’, function() { console.log(‘[OK] Client connected’); });

socket.on(‘error’, function(err) { console.log(‘[OK] Client connected’+err); });

but the issue is again same . With self signed certificate it returned with below error :

root@FX9600EF95C5:/usr/lib/node_modules/npm# node client.js [OK] Client connectedError: self signed certificate at Error (native) at TLSSocket.<anonymous> (_tls_wrap.js:936:36) at TLSSocket.emit (events.js:104:17) at TLSSocket._finishInit (_tls_wrap.js:467:8)

Top Results From Across the Web

How do I debug error ECONNRESET in Node.js?

"ECONNRESET" means the other side of the TCP conversation abruptly closed its end of the connection. This is most probably due to one...

Windows: SSL/TLS connection reset after ClientHello ...

Windows: SSL/TLS connection reset after ClientHello (ECONNRESET ... No client certificate CA names sent --- SSL handshake has read 0 bytes ...

ECONNRESET when authenticating via sfdx auth:jwt:grant

I am trying to authenticate Salesforce sandbox from client's Jenkins using below command which is part of Jenkins pipeline. sfdx auth:jwt:grant ...

Transport Security with Certificate Authentication - WCF

Learn about how WFC uses certificates for server and client authentication when using transport security.

Rehash: How to Fix the SSL/TLS Handshake Failed Error

Incomplete/invalid certificate chain presented to client. Revoked/expired SSL/TLS certificate sent to the client or server. Replacement of self-signed ...