Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vlad2018-02-28 17:51:42
PHP
Vlad, 2018-02-28 17:51:42

Why doesn't Workerman work for wss connection?

There is a websocket daemon in PHP 7.0 (implemented in Workerman ). Piece of code:

$worker = new Worker('websocket://my-domain.com:8084', [
    'ssl' => [
        'local_cert'  => '/etc/letsencrypt/live/my-domain.com/cert.pem',
        'local_pk'    => '/etc/letsencrypt/live/my-domain.com/privkey.pem',
        'verify_peer' => false,
    ]
]);
$worker->transport = 'ssl';
$worker->count = 1;
$worker->onConnect = function ($connection) { ... }

When developing on a local server, I use self-signed SSL certificates and everything works as it should: the client confidently connects to the daemon via wss. On the production server I use Let's Encrypt certificates.
And here the strange begins: when trying to connect a client, Workerman throws the following error
Error: stream_socket_enable_crypto(): SSL_R_NO_SHARED_CIPHER: no suitable shared cipher could be used.  This could be because the server is missing an SSL certificate (local_cert context option)

Tell me what could be the problem?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
M
Make Now, 2018-09-23
@progress_man

In general, I suffered and suffered, which I just didn’t try :)) In the end, everything turned out to be very simple: the problem is that the certificates are located in /etc/letsencrypt/live/ and, in fact, workerman has no access to them, the solution is to make links to certificates and put these links next to the startup script.
example:
sudo cp -l /etc/letsencrypt/live/my-domain.com/fullchain.pem /var/www/yoursite/fullchain.pem
sudo cp -l /etc/letsencrypt/live/my-domain.com/privkey .pem /var/www/yoursite/privkey.pem
and then connect

$context = array(
  'ssl' => array(
    'local_cert'  => __DIR__.'/fullchain.pem',
    'local_pk'    => __DIR__.'/privkey.pem',
    'verify_peer' => false,
  )
);

// Create a Websocket server
$ws_worker = new Worker("websocket://0.0.0.0:8084", $context);//0.0.0.0 - значит принимать соединения от любого ip
$ws_worker->transport = 'ssl';

and there will be happiness :)

Report
I
ivankomolin, 2018-03-01
@ivankomolin

It is written in black and white that this error is probably due to the fact that it cannot find the certificate from the local_cert property on the disk.
Check if the paths to the certificates
are correct. If everything is correct, then look towards the crypto_type.
One that is not available on the server can be selected.

Similar questions
S
StayAtHome2015-04-01 12:24:02
How to distinguish a web request from a regular page from a request from the extension itself from a Chrome/Opera extension? 4Reply
A
Anton2021-03-27 12:39:53
Getting the selected radio item and passing it to the email body, how to display the selected item? 2Reply
K
khudobinvasiliy2021-04-02 20:04:00
How to resolve 500 error on Flask Heroku? 3Reply
I
ibr_982017-04-24 19:18:51
Why doesn't "MouseEnter" work in visual c#? 2Reply
7
7a-6662022-02-05 17:26:31
How to get to the runserver that was launched inside the container from the browser? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question