I created a SSL certificate with openssl on a debian 8 VM. So i have a single PEM file which contain my key and my certificate.
I would like to know if it's possible to use a SSL certificate without https, express etc, simply by using a architecture with socket IO (server side) and socket IO client (client side).
Server side :
var fs = require("fs")
, options = {
key : fs.readFileSync('./test/apache.pem'),
cert : fs.readFileSync('./test/apache.pem')
var io = require('socket.io').listen(45621, options)
io.sockets.on("connection", function(socket) {
console.log("socket " + socket.id + " connected !")
Client side : (I'm using a simple html client)
<script src="http://code.jquery.com/jquery-latest.min.js"></script>
<script src="socket-io-1-2-1.js"></script>
var socket = io.connect('https://localhost:45621', {secure: true})
socket.on("connect", function() { alert("we are connected to socket io!") })
When i'm running my client page, i automatically receive a connection close. (net::ERR_CONNECTION_CLOSED)
It works if i remove the SSL options in server side and change my client connection with :
but exchanges aren't secure ?
Edit: Isn't a duplicate of this because i don't want to use http, https, express by createServer method. I'm only using socket io.
I think it isn't possible to only use socket-io server to secure your exchanges if you wants your client to connect with "wss://" or "https://". I found a solution, but for that you need to require "https", "express" libraries even if you don't use them and create your server like this :
var https = require('https')
, fs = require('fs') //require fs to read your key & cert
, app = require("express")
, key = fs.readFileSync('<<PATH TO YOUR SSL KEY>>apache.key', 'utf8')
, cert = fs.readFileSync('<<PATH TO YOUR SSL CERT>>apache.crt', 'utf8')
var server = https.createServer({key: key, cert: cert}, app); //then create your server
var io = require("socket.io").listen(server);
io.sockets.on("connection", function(socket) {
console.log("socket id " + socket.id + " connected !")
socket.on("foo", function() { console.log("bar") })
Then your web client need to be like this:
<script src="https://code.jquery.com/jquery-latest.min.js"></script>
<script src="https://cdn.socket.io/socket.io-1.4.5.js"></script>
var socket = io.connect("")
socket.on("connect", function() { alert("my socket is connected !") })
If you want to test a SSL certificate for localhost, don't write "localhost" at the step "common name" with openssl command but write your local IP ( for me). Then with your client, do not connect with https://localhost but with this following url :
https://YOUR LOCAL IP:YOUR SERVER PORT/socket.io/?EIO=3&transport=websocket
At this moment, i've got a problem, i can connect my socket to my io server, but i can't emit and receive any emits. I tried this solution, but it doesn't works. I will edit this post when i will find the problem.
Edit : You need to run your web client through https://, not http://. Protocol http authorized your socket to connect to your io server however you can't to anything (emit/receive events).