This repository has been archived by the owner on Sep 20, 2021. It is now read-only.

TLS Support #77

Open
Pierozi opened this issue Oct 5, 2016 · 10 comments
Member

Pierozi commented Oct 5, 2016

The TLS support of WebSocket is partially working.
The enableEncryption method was forgotten on the Server side.

I've opened a PR with a demo on my fork to try to make it work (certificate included).
Once enableEncryption is fixed, the PHP client works, but not a web browser.

https://github.com/Pierozi/Websocket/pull/1/files#diff-5a72b4fa5efc1217f53f085c8580c79eR94

Maybe this is due to my certificate: it is self-signed, and it works great with the PHP client because I've set a context that allows self-signed certificates and does not verify the peer.

If anyone has time to test it with a real certificate, that would be good.

Member Author

Pierozi commented Oct 11, 2016

@Hywan the next step is to do real tests with other clients.
Yesterday I tried with the Go client Gorilla,
but TLS support is not easy to enable.

Browser clients like Chrome still don't work, but I have only tested with a self-signed TLS certificate.
If anyone knows how to reproduce this context in a JavaScript client, please leave a comment.

Member

Hywan commented Oct 11, 2016

@Pierozi Why not have a self-signed certificate for both the client and the server and test with Hoa\Websocket\Client and Hoa\Websocket\Server? Where is the issue with this strategy?

Member Author

Pierozi commented Oct 11, 2016

Huh? Both? In the web standard, the SSL handshake is one-way, with a server-side certificate.
My patch fixes the TLS issue to let Hoa\WebSocket\Client work with Hoa\WebSocket\Server.

Now we need to make it compatible with other clients, and maybe it is not a Hoa issue.
You see, if you set up the Server with encryption, the client cannot work with the proper settings, because it's the client's responsibility to allow self-signed certificates and not verify the host. Those are the HTTPS rules.


rokha commented Dec 30, 2016

Hi @Pierozi and @Hywan
I used this library in my PHP+Angular application and got an SSL certificate from Let's Encrypt. Post that I couldn't connect to the server as it would fail authentication. @Pierozi my client was in JS and I tested from Chrome and Mozilla while the server is LAMP with Laravel. Eventually, I switched back to http. I was wondering if you guys had a chance to peek under the hood again.

Since I am new to websockets, I couldn't come up with a solution. Let me know if I can help.

Member Author

Pierozi commented Dec 30, 2016

@rokha thanks for your feedback. The issue is clearly related to our implementation of Hoa\Http beside Hoa\WebSocket: the SSL handshake fails.

Let's Encrypt is a good candidate for our test; I will try to update my POC today with it and let you know.

Btw, do you know of a WebSocket client supporting TLS?


rokha commented Dec 30, 2016

@Pierozi Initially I tested with a chrome extension I found. I tested Hoa\WebSocket for ws only. Later when my application started to work as expected, I switched ws to wss and it didn't. I hope this is what you were looking for.

Member Author

Pierozi commented Jan 6, 2017

Hello @rokha, after some research it seems no one really cares about direct TLS encryption of a WebSocket server, because in a real use case you will certainly have a load balancer or proxy web server like Nginx that deals with the encryption and forwards the WebSocket into your private network.
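
The setup described in the comment above, TLS terminated at an Nginx proxy that forwards plain WebSocket traffic to a private backend, shown as an added example that is not part of the thread or of the Hoa project. The hostname `ws.example.org`, the certificate paths and the backend address `127.0.0.1:8889` are assumptions.

```nginx
# Added example: wss:// terminated at Nginx, plain ws:// to the backend.
# Assumed values: ws.example.org, the certificate paths, backend 127.0.0.1:8889.

# Goes in the http {} context: only send "Connection: upgrade" to the backend
# when the client actually asked for a protocol upgrade.
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

server {
    listen 443 ssl;
    server_name ws.example.org;

    # Serve the full chain (leaf + intermediate) so browsers can build a
    # path to a trusted root without extra client-side settings.
    ssl_certificate     /etc/letsencrypt/live/ws.example.org/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ws.example.org/privkey.pem;
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # The WebSocket server listens without TLS and should be bound to
        # loopback (or a private interface) so the plaintext port is not
        # reachable from outside the proxy.
        proxy_pass http://127.0.0.1:8889;

        # The WebSocket handshake is an HTTP/1.1 Upgrade request; these
        # hop-by-hop headers are not forwarded unless set explicitly.
        proxy_http_version 1.1;
        proxy_set_header Upgrade    $http_upgrade;
        proxy_set_header Connection $connection_upgrade;

        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;

        # Idle WebSocket connections are closed after this timeout unless
        # the application sends ping/pong frames more often.
        proxy_read_timeout 300s;
    }
}
```

With this in place the browser connects to `wss://ws.example.org/` and validates the proxy's certificate, while the backend keeps speaking unencrypted `ws://` on the loopback interface.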

Member

Hywan commented Jan 8, 2017

ping?
#78 has been merged. Can we close this one?

Member Author

Pierozi commented Jan 9, 2017

Encryption works between our Client and Server, but not with an HTTPS client.

Member

Hywan commented Jan 9, 2017

@Pierozi What should we do to get it to work?
