Skip to content

Checking CA in socket.io-client #894

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
arashthk opened this issue Oct 25, 2015 · 3 comments
Closed

Checking CA in socket.io-client #894

arashthk opened this issue Oct 25, 2015 · 3 comments
Assignees
@darrachequesne

Comments

@arashthk
Copy link

I have created an HTTPS server with socket.io and a client with socket.io-client.

Problem is that apparently socket.io-client does not check validity of HTTPS connection by the given CA in it's option.

For clarification here's a sample code: In simple https request if I do not provide CA in client I get Error: unable to verify the first certificate, but with socket.io-client connection establishes, which is totally not what I want.

//Client

var https = require('https'),
    socketClient = require('socket.io-client'),
    fs = require('fs');

var options = {
    // IT'S EXPECTED THAT I DON'T PROVIED CA, HTTPS CONNECTION FAILS
    //ca: fs.readFileSync('cert/ca.crt'),
    agent: false
};

var socket = socketClient('https://localhost', options);

socket.on('connect', function() {
    console.log('Connected to hub');
    socket.emit('msg', function(resp){
        console.log('Response: ' + resp);
    });
});

And server :

// Server

var https = require('https'),
    socketIo = require('socket.io'),
    fs = require('fs');

var options = {
    // CERTIFICATE HAS BEEN SIGNED WITH CA
    cert: fs.readFileSync('cert/signed.crt'),
    key: fs.readFileSync('cert/signed.key'),
    rejectUnauthorized: false
};

var app = https.createServer(options, function(req, res) {
    res.end('Hi');
});

var io = socketIo(app);

io.on('connection', function(socket) {
    console.log('Connected !');

    socket.on('msg', function(cb) {
        console.log('Msg recved');
        cb('Client got it');
    });
});

app.listen(443, function() {
    console.log('Server Started ...');
});
@zxc23
Copy link

zxc23 commented Aug 28, 2017

Did you ever find a solution to this problem?

@darrachequesne darrachequesne self-assigned this Aug 30, 2017
@darrachequesne
Copy link
Member

rejectUnauthorized now defaults to true on the client-side (socketio/engine.io-client#558), so I think that issue can be closed.

Fiddle: https://github.com/darrachequesne/socket.io-fiddle/tree/ssl-example

@arashthk
Copy link
Author

@zxc23 Unfortunately I no longer have access to the codes, but what I can remember is that I used a configured https agent in socket.io option. I'm not sure how's that gonna work now, consider that I was using socket.io 1.*

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@darrachequesne darrachequesne

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@zxc23 @arashthk @darrachequesne