Chrome failing to connect to websocket server (Opc

2020-08-10 08:03发布

问题:

I have a secure websocket server using a self-signed certificate that I'm not able to connect to from a chrome (v44.0.2403.107) client. Its my test server, and its created using pretty near identical code to my app server - which I can connect to.

I've tried restarting chrome. I've tried restarting my VM and all my putty instances. I know the port is correct because I can debug to the point in my server where the port is used, and I see that its 8090. I can do the same in my client: 8090. When i set a breakpoint at the callback in my server that's supposed to receive a websocket connection request, it never gets hit. The exact same breakpoint in my app server does get hit, so I've ruled out debugging issues.

The error I'm receiving in the console when it fails to connect is: WebSocket connection to 'wss://localhost:8090/' failed: WebSocket opening handshake was canceled. I'm also seeing only one frame in the network tab for that connection: (Opcode -1) Length: 40 17:06:08.360 and then of course I get a websocket error event that contains no additional useful info. What does Opcode -1 mean?

Here is the output I get from tcpdump on the VM-side, verifying that I am in fact getting network traffic from my browser to my VM (I set a breakpoint right before creating the WebSocket handle, and only when I press go does all this stuff happen):

[vagrant@localhost temp]$ sudo tcpdump -nnXSs 0 'port 8090'
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 65535 bytes
14:57:40.023027 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [S], seq 133632001, win 65535, options [mss 1460], length 0
        0x0000:  4500 002c bd91 0000 4006 a52a 0a00 0202  E..,....@..*....
        0x0010:  0a00 020f d39e 1f9a 07f7 1001 0000 0000  ................
        0x0020:  6002 ffff 74e5 0000 0204 05b4            `...t.......
14:57:40.023066 IP 10.0.2.15.8090 > 10.0.2.2.54174: Flags [S.], seq 4249375587, ack 133632002, win 14600, options [mss 1460], length 0
        0x0000:  4500 002c 0000 4000 4006 22bc 0a00 020f  E..,..@.@.".....
        0x0010:  0a00 0202 1f9a d39e fd48 5363 07f7 1002  .........HSc....
        0x0020:  6012 3908 eb1f 0000 0204 05b4            `.9.........
14:57:40.023608 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [.], ack 4249375588, win 65535, length 0
        0x0000:  4500 0028 bd92 0000 4006 a52d 0a00 0202  E..(....@..-....
        0x0010:  0a00 020f d39e 1f9a 07f7 1002 fd48 5364  .............HSd
        0x0020:  5010 ffff 3be5 0000                      P...;...
14:57:40.023636 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [P.], seq 133632002:133632175, ack 4249375588, win 65535, length 173
        0x0000:  4500 00d5 bd93 0000 4006 a47f 0a00 0202  E.......@.......
        0x0010:  0a00 020f d39e 1f9a 07f7 1002 fd48 5364  .............HSd
        0x0020:  5018 ffff 76a5 0000 1603 0100 a801 0000  P...v...........
        0x0030:  a403 03b3 155b 57a9 66a3 71d9 859a 748d  .....[W.f.q...t.
        0x0040:  55d3 9f95 12c8 69cd bf8b 96f2 dde4 f936  U.....i........6
        0x0050:  32b5 5c00 0022 c02b c02f 009e cc14 cc13  2.\..".+./......
        0x0060:  cc15 c00a c014 0039 c009 c013 0033 009c  .......9.....3..
        0x0070:  0035 002f 000a 00ff 0100 0059 0000 000e  .5./.......Y....
        0x0080:  000c 0000 096c 6f63 616c 686f 7374 0017  .....localhost..
        0x0090:  0000 0023 0000 000d 0016 0014 0601 0603  ...#............
        0x00a0:  0501 0503 0401 0403 0301 0303 0201 0203  ................
        0x00b0:  0005 0005 0100 0000 0033 7400 0000 1200  .........3t.....
        0x00c0:  0075 5000 0000 0b00 0201 0000 0a00 0600  .uP.............
        0x00d0:  0400 1700 18                             .....
14:57:40.023646 IP 10.0.2.15.8090 > 10.0.2.2.54174: Flags [.], ack 133632175, win 15544, length 0
        0x0000:  4500 0028 dcea 4000 4006 45d5 0a00 020f  E..(..@.@.E.....
        0x0010:  0a00 0202 1f9a d39e fd48 5364 07f7 10af  .........HSd....
        0x0020:  5010 3cb8 fe7f 0000                      P.<.....
14:57:40.025597 IP 10.0.2.15.8090 > 10.0.2.2.54174: Flags [P.], seq 4249375588:4249376372, ack 133632175, win 15544, length 784
        0x0000:  4500 0338 dceb 4000 4006 42c4 0a00 020f  E..8..@.@.B.....
        0x0010:  0a00 0202 1f9a d39e fd48 5364 07f7 10af  .........HSd....
        0x0020:  5018 3cb8 1b3b 0000 1603 0300 4b02 0000  P.<..;......K...
        0x0030:  4703 03a3 0a5c dd01 39a5 c7e6 33de 6e10  G....\..9...3.n.
        0x0040:  1eb4 d7c3 1127 d7a0 7beb bac2 fbd0 5dc6  .....'..{.....].
        0x0050:  3c75 3200 009c 0000 1fff 0100 0100 0023  <u2............#
        0x0060:  0000 3374 0012 0868 7474 702f 312e 3108  ..3t...http/1.1.
        0x0070:  6874 7470 2f31 2e30 1603 0302 b20b 0002  http/1.0........
        0x0080:  ae00 02ab 0002 a830 8202 a430 8201 8c02  .......0...0....
        0x0090:  0900 d437 88ae 7bbe 1e4d 300d 0609 2a86  ...7..{..M0...*.
        0x00a0:  4886 f70d 0101 0505 0030 1431 1230 1006  H........0.1.0..
        0x00b0:  0355 0403 0c09 6c6f 6361 6c68 6f73 7430  .U....localhost0
        0x00c0:  1e17 0d31 3530 3131 3030 3932 3530 315a  ...150110092501Z
        0x00d0:  170d 3235 3031 3037 3039 3235 3031 5a30  ..250107092501Z0
        0x00e0:  1431 1230 1006 0355 0403 0c09 6c6f 6361  .1.0...U....loca
        0x00f0:  6c68 6f73 7430 8201 2230 0d06 092a 8648  lhost0.."0...*.H
        0x0100:  86f7 0d01 0101 0500 0382 010f 0030 8201  .............0..
        0x0110:  0a02 8201 0100 dd4e 94f0 608c 3bc9 d7a7  .......N..`.;...
        0x0120:  cc5b 0135 5630 4b45 5e01 c08f c543 66c1  .[.5V0KE^....Cf.
        0x0130:  d581 dba0 ce59 ccd4 5e63 f4a5 4dab 88cf  .....Y..^c..M...
        0x0140:  fafc ade0 bd7e 640f e690 21f0 2c7e de6a  .....~d...!.,~.j
        0x0150:  5342 990e 3f8e e227 b8e3 f133 b320 f1e1  SB..?..'...3....
        0x0160:  2b1d 7225 7103 ca7f e286 026c 1d2c 5b4f  +.r%q......l.,[O
        0x0170:  71ad 21c5 c10f b686 9c59 873c 89db fe7d  q.!......Y.<...}
        0x0180:  1a96 9c65 9fcd db51 87db f7c2 795b e338  ...e...Q....y[.8
        0x0190:  2bc5 2c93 c74d aa79 487d d3b8 5c4e 3919  +.,..M.yH}..\N9.
        0x01a0:  a5eb 1665 6778 050c cba8 a770 6324 8f07  ...egx.....pc$..
        0x01b0:  228c 6084 ac91 5d57 9569 b0a1 aaed 62a5  ".`...]W.i....b.
        0x01c0:  6f82 0afd 3d81 0f1b e4c0 55da 674e 8cde  o...=.....U.gN..
        0x01d0:  252b 3b35 2891 6d40 bc23 ac66 8e24 4dda  %+;5(.m@.#.f.$M.
        0x01e0:  fc59 5f1d 0c5f ad21 6c00 6ce5 6ed0 f6f8  .Y_.._.!l.l.n...
        0x01f0:  8752 a2b8 3758 a79c 4898 1cd4 3e51 8e33  .R..7X..H...>Q.3
        0x0200:  5d9b 5142 8ace d055 59da 4447 5cac d464  ].QB...UY.DG\..d
        0x0210:  dd9c 91fb 4499 0203 0100 0130 0d06 092a  ....D......0...*
        0x0220:  8648 86f7 0d01 0105 0500 0382 0101 0054  .H.............T
        0x0230:  e877 2716 fedc c2ac a79e fc8b 765e f38b  .w'.........v^..
        0x0240:  96b2 e52d 60bb 85ec 9ffc 13ba b4a3 2500  ...-`.........%.
        0x0250:  ac52 607b 3ea6 4ce1 693d 200e 7982 a586  .R`{>.L.i=..y...
        0x0260:  ed96 ab27 a129 009c d6bc f1f4 34bd 4b22  ...'.)......4.K"
        0x0270:  34ad 093c 9754 a465 2226 3c60 7f34 0f07  4..<.T.e"&<`.4..
        0x0280:  a069 e518 e9e8 3134 4a16 f9d6 0a60 6ed5  .i....14J....`n.
        0x0290:  2f41 3192 f40b ed47 c5a6 4e42 5ef0 22f8  /A1....G..NB^.".
        0x02a0:  b56b 6f59 5ecf 8eff 2da0 01e5 ab3c 8be0  .koY^...-....<..
        0x02b0:  ff5a d9fa 8468 f7ac 776b e387 09ec c965  .Z...h..wk.....e
        0x02c0:  ebee b6bd 5535 c5f0 ce47 1eef ddc4 f298  ....U5...G......
        0x02d0:  933c 9c9f 73dd e2c9 a5c2 d771 1bb9 6d83  .<..s......q..m.
        0x02e0:  8955 8104 46f1 d567 b28b 1694 25ea 4a54  .U..F..g....%.JT
        0x02f0:  df64 0524 7d8e 2c37 5314 b59f f268 ffdd  .d.$}.,7S....h..
        0x0300:  c946 444b 6f97 839f 8cfd 6b07 0018 ccbb  .FDKo.....k.....
        0x0310:  f4dc 3261 5367 e322 7f7d 2cb8 dd40 5788  ..2aSg.".},..@W.
        0x0320:  8532 2c45 2465 3daf e32d 49fa 9a98 3e16  .2,E$e=..-I...>.
        0x0330:  0303 0004 0e00 0000                      ........
14:57:40.026734 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [.], ack 4249376372, win 65535, length 0
        0x0000:  4500 0028 bd95 0000 4006 a52a 0a00 0202  E..(....@..*....
        0x0010:  0a00 020f d39e 1f9a 07f7 10af fd48 5674  .............HVt
        0x0020:  5010 ffff 3828 0000                      P...8(..
14:57:40.028177 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [P.], seq 133632175:133632558, ack 4249376372, win 65535, length 383
        0x0000:  4500 01a7 bd98 0000 4006 a3a8 0a00 0202  E.......@.......
        0x0010:  0a00 020f d39e 1f9a 07f7 10af fd48 5674  .............HVt
        0x0020:  5018 ffff c6ac 0000 1603 0301 0610 0001  P...............
        0x0030:  0201 009e 4509 3c23 b3ed 5828 9582 0362  ....E.<#..X(...b
        0x0040:  bdd7 046a 0410 38af 711c 8fca 0cfd 36f4  ...j..8.q.....6.
        0x0050:  3da0 c5c7 165a fedb 7f22 4063 2682 989f  =....Z..."@c&...
        0x0060:  1c20 f2ff b768 ee7e a30b 95e5 31d7 fa32  .....h.~....1..2
        0x0070:  58da a10f afe1 4391 c503 d624 3fa8 10e4  X.....C....$?...
        0x0080:  5151 0c15 cfbd 22c7 e7ca df5f ec40 e310  QQ...."...._.@..
        0x0090:  988f f1dc 56ac 6ec2 1edf fe6c eccc 2e70  ....V.n....l...p
        0x00a0:  d9b9 1ed2 a2f3 16c7 9e5a d563 fcf5 678f  .........Z.c..g.
        0x00b0:  9a01 27f5 6bee 356e 7b4d dd71 871e 3f85  ..'.k.5n{M.q..?.
        0x00c0:  59d6 c928 7d10 07cb 5997 e56c ba12 6e1b  Y..(}...Y..l..n.
        0x00d0:  ae89 02d3 5af8 9480 d6d1 800b 3481 c011  ....Z.......4...
        0x00e0:  b36b f634 00a2 57f2 5d7e 8da7 3ac6 3bbf  .k.4..W.]~..:.;.
        0x00f0:  bc9f 12f9 9c88 8ee6 3dda 1f75 9a1d dd82  ........=..u....
        0x0100:  689b 1291 7d98 d951 f09f ef59 df21 f692  h...}..Q...Y.!..
        0x0110:  f708 e488 7228 bfb5 6d4b 75ac 7c1b e3bc  ....r(..mKu.|...
        0x0120:  efe9 54f0 f821 1f2c bb41 3d38 0e4c 5bd1  ..T..!.,.A=8.L[.
        0x0130:  8af7 9214 0303 0001 0116 0303 003c 0000  .............<..
        0x0140:  0000 0000 0000 7539 a08c 45e4 a57d 2f5c  ......u9..E..}/\
        0x0150:  b4e0 6e98 53f4 8359 528d a430 89f0 2587  ..n.S..YR..0..%.
        0x0160:  4490 9d71 b4f2 6cfb fdc3 40e8 501a cb31  D..q..l...@.P..1
        0x0170:  3cad caf9 926b bd81 55a3 1603 0300 2800  <....k..U.....(.
        0x0180:  0000 0000 0000 019e 8daf 7add 6932 9aeb  ..........z.i2..
        0x0190:  e2ab aa26 27bc a925 43cd bc50 7516 e69d  ...&'..%C..Pu...
        0x01a0:  ea9f 3521 ba4c 34                        ..5!.L4
14:57:40.037113 IP 10.0.2.15.8090 > 10.0.2.2.54174: Flags [P.], seq 4249376372:4249376614, ack 133632558, win 16616, length 242
        0x0000:  4500 011a dcec 4000 4006 44e1 0a00 020f  E.....@.@.D.....
        0x0010:  0a00 0202 1f9a d39e fd48 5674 07f7 122e  .........HVt....
        0x0020:  5018 40e8 191d 0000 1603 0300 ba04 0000  P.@.............
        0x0030:  b600 0001 2c00 b03e 32e8 5f5d eead 8fd8  ....,..>2._]....
        0x0040:  7d30 19f4 9cee 907f a498 259f fd4c c87a  }0........%..L.z
        0x0050:  8e0b 8783 564b 7ce1 de37 b8ac 7bd3 3415  ....VK|..7..{.4.
        0x0060:  7f69 dece 4b60 a4eb ffcb 8781 1cfa 5930  .i..K`........Y0
        0x0070:  68e0 ab94 674a 5539 25b1 e8de 5a41 c93a  h...gJU9%...ZA.:
        0x0080:  6a3e c1e0 18b0 0e27 9207 6309 194c d7e0  j>.....'..c..L..
        0x0090:  a46b 191b 8a8e e1ec 40b6 2096 4458 f412  .k......@...DX..
        0x00a0:  52ad f44f 9f7c 6338 abea ba96 13e8 9c8c  R..O.|c8........
        0x00b0:  4a53 9c61 409e b121 de4d bafa bf88 f88e  JS.a@..!.M......
        0x00c0:  c7c2 0514 6905 0a5b 1f91 e155 bcae 0b82  ....i..[...U....
        0x00d0:  0d17 9ef7 2c05 a799 7408 51ac 957b f506  ....,...t.Q..{..
        0x00e0:  50d3 a841 0c9b 0314 0303 0001 0116 0303  P..A............
        0x00f0:  0028 e48b 22a4 e702 10f6 8f82 1c47 97fa  .(.."........G..
        0x0100:  990f 3697 3b44 9de5 9f5e 22f8 05a4 39b3  ..6.;D...^"...9.
        0x0110:  4762 e460 67c0 f142 9ddb                 Gb.`g..B..
14:57:40.037663 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [.], ack 4249376614, win 65535, length 0
        0x0000:  4500 0028 bd9d 0000 4006 a522 0a00 0202  E..(....@.."....
        0x0010:  0a00 020f d39e 1f9a 07f7 122e fd48 5766  .............HWf
        0x0020:  5010 ffff 35b7 0000                      P...5...
14:57:40.039110 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [F.], seq 133632558, ack 4249376614, win 65535, length 0
        0x0000:  4500 0028 bd9e 0000 4006 a521 0a00 0202  E..(....@..!....
        0x0010:  0a00 020f d39e 1f9a 07f7 122e fd48 5766  .............HWf
        0x0020:  5011 ffff 35b6 0000                      P...5...
14:57:40.039598 IP 10.0.2.15.8090 > 10.0.2.2.54174: Flags [F.], seq 4249376614, ack 133632559, win 16616, length 0
        0x0000:  4500 0028 dced 4000 4006 45d2 0a00 020f  E..(..@.@.E.....
        0x0010:  0a00 0202 1f9a d39e fd48 5766 07f7 122f  .........HWf.../
        0x0020:  5011 40e8 f4cc 0000                      P.@.....
14:57:40.040616 IP 10.0.2.2.54174 > 10.0.2.15.8090: Flags [.], ack 4249376615, win 65535, length 0
        0x0000:  4500 0028 bda0 0000 4006 a51f 0a00 0202  E..(....@.......
        0x0010:  0a00 020f d39e 1f9a 07f7 122f fd48 5767  .........../.HWg
        0x0020:  5010 ffff 35b5 0000                      P...5...

Any ideas as to how I can debug this further?

Update: After switching back to code I know has worked before, the problem still exists. So seems like I can rule out an issue with my code - is this a problem with my machine, network interfaces?

Update2: Its still happening even after I restarted my entire machine. Now i'm getting a little pissed off because this is actually going to block me from working. I really thought the problem would probably disappear (at least for a while) after restarting..

Update3: I created a node client that can successfully connect to the websocket server. So it seems to be a chrome issue. It certainly looks similar to what you see when it rejects the self-signed cert - but I'm using the same cert for my test server and app server. One works, the other doesn't, so it can't be the cert, right?

回答1:

Ok after long last I figured out something that worked. The problem still makes no sense to me, but the solution was to explicitly import the certificate into its accepted list in a very specific way:

  1. Open an https page with the certificate
  2. Click the lock icon and under Connection choose Certificate Information
  3. Go to the Details tab > Copy to File. Choose PKCS #7, single certificate as the file format and save it somewhere (name doesn't matter).
  4. Open up Chrome Settings > Show advanced settings > HTTPS/SSL > Manage Certificates.
  5. Go to the Trusted Certificate Root Authorities tab
  6. Import the certificate you "copied to file" in step 3
  7. Restart Chrome (one of those few cases where you need to)

Thanks to the answer here: Getting Chrome to accept self-signed localhost certificate