Background: Hi, I’ve checked similar threads that describe the error that I’m getting, but none of them seem to solve my problem.
My situation is a bit peculiar: I am hosting my static content on an S3 bucket, served by cloudfront with it’s own Amazon isssued certificate, and on an EC2 instance, I am running nginx as a reverse proxy to accept a backend ssl connection that the static content will initiate.

My domain is:

I ran this command:sudo certbot certonly --dns-route53 -d (to generate the letsencrypt certs)

It produced this output: gave me fullchein,pem,privkey,pem,cert.pem,and chain.pem

My web server is (include version):
NGINX 1.14.

The operating system my web server runs on is (include version): EC2 ubuntu 18.04 instance

My hosting provider, if applicable, is: Amazon

I can login to a root shell on my machine (yes or no, or I don’t know):yes

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):I think I can.

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot): 0.31

STEPS TO REPRODUCE THE ERROR: Go to , and open the dev tools to console output. You will see the error.

Firefox can’t establish a connection to the server at wss://

So this is your backend, right?

Whatever secure websocket connection you make, the certificate needs to match the hostname in the URI.

You won’t be able to issue a certificate for an domain, so I suggest:

  1. Create in your DNS and point it at your EC2 intstance
  2. Issue a certificate for and configure nginx with it
  3. Configure your static app to connect to wss:// instead.
  4. You might have to configure some CORS headers on nginx, to allow to connect to wss:// I’m not sure how cross-origin rules apply to websockets tbh.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.