WAMP Authentication and TLS?

#1

I was trying out the WAMP authentication, that worked for me (basically the example code). Then, I changed the url from ws: to wss:. My python code connects to the my server OK using TLS, but, I can’t get the web client to connect using wss:. When I look at the TLS example, the web client uses a different connection technique. Are there any tricks to using using a wss://x:9000 wsuri with the ab.connect() call? I’m using a Chrome browser if that matters.

-g

0 Likes

#2

I was trying out the WAMP authentication, that worked for me (basically
the example code). Then, I changed the url from ws: to wss:. My python
code connects to the my server OK using TLS, but, I can't get the web
client to connect using wss:. When I look at the TLS example, the web
client uses a different connection technique. Are there any tricks to
using using a wss://x:9000 wsuri with the ab.connect() call? I'm using
a Chrome browser if that matters.

WAMP-CRA (authentication) and TLS are orthogonal. You should be fine change only "ws" => "wss" with the JS example code that was working for you with the auth example.

BUT: you need to have a valid cert .. the browser won't render "invalid cert .. accept anyway?" dialogs.

Given that WS/WAMP runs on

wss://myhost.com:7000

in FF, you can import a self-signed cert by visiting

https://myhost.com:7000

since AB will render a status HTML page (exactly for this import convenience).

You can also run your HTML serving and WS/WAMP on _the same port_, and then you will get the accept cert dialog also ..

So this is likely all more about making a successful WebSocket connection over TLS in the first place .. not about WAMP, not about WAMP-CRA.

/Tobias

···

Am 17.11.2013 21:35, schrieb Greg Fausak:

-g

--
You received this message because you are subscribed to the Google
Groups "Autobahn" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to autobahnws+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.

0 Likes

#3

Ah, that makes sense!

I connected the browser to https://x:9000, accepted

the certificate, then proceeded with the web socket call.

I guess I need to buy a cert, thanks Tobias!

-g

···

On Sunday, November 17, 2013 2:51:45 PM UTC-6, Tobias Oberstein wrote:

Am 17.11.2013 21:35, schrieb Greg Fausak:

I was trying out the WAMP authentication, that worked for me (basically

the example code). Then, I changed the url from ws: to wss:. My python

code connects to the my server OK using TLS, but, I can’t get the web

client to connect using wss:. When I look at the TLS example, the web

client uses a different connection technique. Are there any tricks to

using using a wss://x:9000 wsuri with the ab.connect() call? I’m using

a Chrome browser if that matters.

WAMP-CRA (authentication) and TLS are orthogonal. You should be fine
change only “ws” => “wss” with the JS example code that was working for
you with the auth example.

BUT: you need to have a valid cert … the browser won’t render “invalid
cert … accept anyway?” dialogs.

Given that WS/WAMP runs on

wss://myhost.com:7000

in FF, you can import a self-signed cert by visiting

https://myhost.com:7000

since AB will render a status HTML page (exactly for this import
convenience).

You can also run your HTML serving and WS/WAMP on the same port, and
then you will get the accept cert dialog also …

So this is likely all more about making a successful WebSocket
connection over TLS in the first place … not about WAMP, not about
WAMP-CRA.

/Tobias

-g

You received this message because you are subscribed to the Google

Groups “Autobahn” group.

To unsubscribe from this group and stop receiving emails from it, send

an email to autobahnws+...@googlegroups.com.

For more options, visit https://groups.google.com/groups/opt_out.

0 Likes