Maybe this has nothing to do with you. I confess I’m a little desperate. All I need is to resolve this problem: ERR_CERT_COMMON_NAME_INVALID
This is what shows on my browser console when I try to connect via the code wss://my_ip:443, where 443 is the port. I asked for help at other groups/communities and all of them have said the same thing: that I need to check if there is compatibility between the certificates both in the websocket and in my web server (my site follows this pattern: https://mysite.com). By looking up my files dependency, this is what I found:
This file cacert.pem is the ca bundle that contains various certificates in PEM format. Inside that document, I couldn’t find any Let’s Encrypt certificate. Where can I find one, so that I can put there just to test? I know that I used CertBot to install and enable https in my website, so I thought that maybe you could help.
Yes, sir. I have a domain name of my own, and when registering the certificate through CertBot in the SSH Terminal for my VPS with Ubuntu 16.04 LTS, I selected my domain. So you’re saying that I should use wss://domain.com:443 instead, right? And as for the port, is it correct? I tried to use 8080, 8081, but with no success, and when I use them, the error CONNECTION_REFUSED shows on my browser console. This is a chat system I’m implementing in PHP.
Correct. The client checks if the authority part of the URI is amongst the items in the SubjectAlternativeName (SAN). However, Let's Encrypt (currently) doesn't allow IP addresses in the SAN of their certificates. Therefore, you can't use an IP address in your URI and should only use hostnames (which should of course be in your certificates SAN).
That has nothing to do with the certificate (and with that Let's Encrypt). That's just a matter of server configuration.
It's perfectly possible to run HTTPS and Websockets on port 443, my Home Assistant works that way with a nginx reverse proxy in front of it.
Your readme has links about how to set up your server at the "server conf docs" link. Besides that, this readme doesn't tell us anything interesting nor does it give us any pointers to help you. Which by the way is more a server configuration issue in general than a TLS/certificate/Let's Encrypt issue.
Yep. Each time I come to the conclusion that it’s not a certificate issue, but a program configuration issue. I’ll check all links and info. Look, it’s all working on http protocol, but the connection is not going on on https because of this error. There are a few libs inside the dependency I’ll have to check such as Ratchet, React, etc., where additional configurations of things like port and host are also set.
Yes, the upgrade header also makes sense. I’ve tested here using a wrong port on http and on ws://localhost:443 and the error shown was that same one: Unexpected response code: 200. I think there must be some port other then 443 that may work with it. I don’t know… Doing my research…
Speaking of which, I'm trying to install Nginx here in my Web server. So are you saying it's more feasible to work with Nginx than with Apache when dealing with Websockets running on HTTPS?
I'm just doing this for testing purposes. Thanks.