Advertisement

websockets, websocketpp, ssl

Started by October 12, 2021 08:26 PM
2 comments, last by h8CplusplusGuru 3 years ago

I am trying to write a c++ websocket serverand have browser/chrome clients connect over websockets, for a multiplayer game. The websocket c++ library I'm using atm is websocketpp or websocket++. I wrote an app that allows clients to connect over ws and localhost, but when I add an ip for the address, connections don't occur at all. Now I think I have to use ssl and wss for ip connection? I tried it and there is some connection activity, but then the handshake times out. Could I be experiencing cross-orgin issues, or what, do i need ssl? I am new to websockets. Could the problem be my ssl certs i made with openssl? I can post code, or if you are familiar with a c++ library to do websockets, what is it?

Whether you use ws or wss should be orthogonal to whether you're using IP or localhost

If you're using IP then make sure that the IP is actually reachable from your client – no NAT in the way, for example, and not using the “outside” IP address when the client is “inside” your firewall. Also, make sure that network interface is allowed through whatever firewall software you're using.

When it comes to wss this is what you're going to have to use on the greater internet (I don't know if browsers outright deny ws connections over the internet, but they might …) To make that work, you have to have a server certificate configured on your wss server, signed by a root certificate, that is trusted by your wss client (e g, browser.) And the subject (name) of the certificate must be the domain name that the browser connects to. For testing, using a self-generated root certificate, and installing that in your browser certificate store, and then using that to sign a generated certificate for your “localhost” service is fine. For live deployments, consider something like Let's Encrypt, which will require you to do some additional machination to make sure their servers see a web service that can verify domain ownership.

Other than that, make sure to use Wireshark to figure out what's going on, and if that's not enough, you have the source – crack open the library, add some logging/printfs (or breakpoints in the debugger) and figure out what's going on!

enum Bool { True, False, FileNotFound };
Advertisement

OK I resolved my issue, just needed to forward the port; no need for ssl since the html is served from file rather than webservice

This topic is closed to new replies.

Advertisement