Laozi 老子 Comments - Answer Overflow

Laozi 老子

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

Another other alternative is to install NGINX on the server and have that do the SSL and proxy to my server locally. Just trying to understand the cloudflare handling of websockets so I don't waste too much time going in wrong directions. Or if i need to create a worker...

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

To do that i need to find a new library to use in my server code since the one I'm using doesn't support SSL. I just want to make sure how cloudflare expects us to use Websockets since the documentation doesn't really mention anything relating to SSL or Port Numbers.

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

I'm wondering if perhaps I need to setup the websocket server to have SSL and use port 443 (which is currently available). then see if cloudflare will proxy it on default ports

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

I dont see any cloudflare errors, does that answer your question?

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

on the server side using tcpdump to sniff the ethernet I don't see any inbound TCP SYN for port 8080 come from anywhere

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

all i see is the console messages

WebSocket connection to 'wss://my.domain:8080/echo' failed: 
(anonymous) @ ws-test.php:2
ws-test.php:25 [error]
ws-test.php:20 [close] Connection died

WebSocket connection to 'wss://my.domain:8080/echo' failed: 
(anonymous) @ ws-test.php:2
ws-test.php:25 [error]
ws-test.php:20 [close] Connection died

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

To test I started a basic websocket server on port 8080 (non-SSL). I confirmed it's listening on port 8080 and that the firewall has cloudflare IP's in the trusted zone. I created a static HTML page with a single javascript

    let socket = new WebSocket("wss://my.domain:8080/echo");

    socket.onopen = function(e) {
        console.log("[open] Connection established");
        console.log("Sending to server");
        socket.send("My name is John");
    };

    socket.onmessage = function(event) {
        console.log(`[message] Data received from server: ${event.data}`);
    };

    socket.onclose = function(event) {
        if (event.wasClean) {
            console.log(`[close] Connection closed cleanly, code=${event.code} reason=${event.reason}`);
        } else {
            // e.g. server process killed or network down
            // event.code is usually 1006 in this case
            console.log('[close] Connection died');
        }
    };

    socket.onerror = function(error) {
        console.log(`[error]`);
    };

    let socket = new WebSocket("wss://my.domain:8080/echo");

    socket.onopen = function(e) {
        console.log("[open] Connection established");
        console.log("Sending to server");
        socket.send("My name is John");
    };

    socket.onmessage = function(event) {
        console.log(`[message] Data received from server: ${event.data}`);
    };

    socket.onclose = function(event) {
        if (event.wasClean) {
            console.log(`[close] Connection closed cleanly, code=${event.code} reason=${event.reason}`);
        } else {
            // e.g. server process killed or network down
            // event.code is usually 1006 in this case
            console.log('[close] Connection died');
        }
    };

    socket.onerror = function(error) {
        console.log(`[error]`);
    };

to be continued...

12 replies

CDCloudflare Developers

•Created by Laozi 老子 on 7/12/2023 in #workers-discussions

Websocket issue with Flexible SSL

Hey Erisa, Thank you for your response and suggestions. I appreciate your guidance regarding the security considerations with Flexible SSL. In this specific scenario, the apps I'm working on are purely personal hobbies that don't involve any sensitive data. As the sole end-user and target audience, I'm not concerned about data theft. However, I do value the protection Cloudflare provides for my origin server's IP and the browser security benefits. Considering your recommendation, I'm open to exploring both options. Installing Let's Encrypt SSL certificates and using the Full mode or utilizing Cloudflare Tunnel to maintain security while running an HTTP-only web server are both viable alternatives. My main objective is to get my Websocket connections up and running efficiently, and I'm open to implementing the best solution for my specific use case. Additionally, I heard that creating a Cloudflare worker to proxy the Websocket connections might be a potential workaround. If you have any insights or suggestions regarding this approach, I'd appreciate your input. Once again, thank you for your help and taking the time to address my concerns. I look forward to your further advice and insights on resolving the Websocket issue. Best regards, Russell

12 replies

Gaming

Programming