I’m using the package beyondcode/laravel-websockets.

My problem here is that when I set 'verify_peer' => true the websocket is not working, but when the value is false it is working. Has anyone here managed to make this work?

For the production website, I want to set verify_peer to true to prevent man-in-the-middle attacks.

I have a website, let's say aceraven777.com, and it already has SSL installed (in cPanel it has AutoSSL enabled).

In the websockets config I entered the same path (the one that cPanel generated) for the certificate and private key.

Chrome throws an error:

WebSocket connection to 'wss://aceraven777.com:6001/app/asdfswerqwsafasfd?protocol=7&client=js&version=4.3.1&flash=false' failed: 
createWebSocket @ pusher.min.js:8

This is the error in Firefox:

Firefox can’t establish a connection to the server at wss://aceraven777.com:6001/app/asdfswerqwsafasfd?protocol=7&client=js&version=4.3.1&flash=false. pusher.min.js:8:6335

Below are the settings I used:

config/websockets.php

'ssl' => [
    /*
        * Path to local certificate file on filesystem. It must be a PEM encoded file which
        * contains your certificate and private key. It can optionally contain the
        * certificate chain of issuers. The private key also may be contained
        * in a separate file specified by local_pk.
        */
    'local_cert' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_CERT', null),

    /*
        * Path to local private key file on filesystem in case of separate files for
        * certificate (local_cert) and private key.
        */
    'local_pk' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_PK', null),

    /*
        * Passphrase for your local_cert file.
        */
    'passphrase' => env('LARAVEL_WEBSOCKETS_SSL_PASSPHRASE', null),

    'verify_peer' => true,
],

config/broadcasting.php

'pusher' => [
    'driver' => 'pusher',
    'key' => env('PUSHER_APP_KEY'),
    'secret' => env('PUSHER_APP_SECRET'),
    'app_id' => env('PUSHER_APP_ID'),
    'options' => [
        'cluster' => env('PUSHER_APP_CLUSTER'),
        'host' => env('PUSHER_APP_HOST'),
        'port' => env('PUSHER_APP_PORT'),
        
        'useTLS' => true,
        'scheme' => 'https',
        
        'curl_options' => [
            CURLOPT_SSL_VERIFYHOST => 1,
            CURLOPT_SSL_VERIFYPEER => 1,
        ],
    ],

    // Configuration for laravel mix JS
    'mix' => [
        'host' => env('MIX_PUSHER_APP_HOST'),
        'key' => env('MIX_PUSHER_APP_KEY'),
        'cluster' => env('MIX_PUSHER_APP_CLUSTER'),
        'port' => env('MIX_PUSHER_APP_PORT'),
    ],
],

3 Answers


  1. This article helped me a lot some time ago when implementing websockets, especially with an SSL certificate:
    https://christoph-rumpel.com/2020/11/laravel-real-time-notifications

    You also have git repositories telling you how to implement with and without SSL.

  2. You probably need to specify a Certificate Authority file on the local filesystem.

    This is the source of 95% of these errors on production servers.

    The other 4% are caused by self-signed certificates, which I doubt you have in a production environment.

    You will need to modify your config/websockets.php

    'ssl' => [
        // ... 
    
        'capath' => env('LARAVEL_WEBSOCKETS_SSL_CA', null),
    ],
    

    The CA path is typically a directory similar to /etc/ssl/certs/.

    If this does not work try allowing self-signed certs:

    'ssl' => [
        // ... 
    
        'allow_self_signed' => true,
    ],
    

    For more information, you should look at the PHP specification for SSL verify peer.

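An added example, not part of the answer above or of laravel-websockets: a shell pre-flight check for the `capath` suggestion and for the certificate and key files named in the question, assuming the OpenSSL 1.1.0+ command-line tool. The function names and the script's argument order are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight checks for a capath directory and the local_cert PEM.
# Assumes the OpenSSL 1.1.0+ CLI. Function names are hypothetical.

# capath_is_hashed DIR
# OpenSSL finds CAs in a CA directory by subject-hash file name (HHHHHHHH.N,
# eight hex digits). A directory that only holds ca.pem or ca.crt matches nothing.
capath_is_hashed() {
    for f in "$1"/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*; do
        [ -e "$f" ] && return 0
    done
    return 1
}

# chain_verifies CAPATH PEM
# Verifies the first certificate in PEM with CAPATH as the CA directory.
# Further certificates in PEM are offered as untrusted intermediates, as in a
# local_cert file that also carries the issuer chain. -no-CAfile keeps the
# default CA bundle file out of the lookup.
chain_verifies() {
    openssl verify -no-CAfile -CApath "$1" -untrusted "$2" "$2" >/dev/null 2>&1
}

# key_matches_cert CERT_PEM KEY_PEM
# Compares the public key in the certificate with the one derived from the key.
key_matches_cert() {
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || return 1
    key_pub=$(openssl pkey -in "$2" -pubout 2>/dev/null) || return 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
}

# Usage: sh tls-preflight.sh CAPATH CERT_PEM KEY_PEM
if [ "$#" -eq 3 ]; then
    capath_is_hashed "$1" || echo "no hashed CA entries in $1 (run: openssl rehash $1)"
    chain_verifies "$1" "$2" || echo "certificate in $2 does not verify against $1"
    key_matches_cert "$2" "$3" || echo "private key $3 does not match $2"
fi
```

A silent result means all three checks passed; each failed check prints one line naming the file or directory at fault.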
  3. To me it seems you are not connecting to the correct port.

    PusherJs uses default web ports 80 and 443, as described here: https://pusher.com/docs/channels/library_auth_reference/pusher-websockets-protocol

    Change the port inside your .env file.