Photon Server Secure Web Socket Problem

canberksoner
edited May 2017 in Photon Server
I'm trying to set up my server for wss connections. The server is a custom application built on photon sdk, not derived from one of the sample projects.

I've followed the guide at https://doc.photonengine.com/en-us/onpremise/current/operations/websockets-ssl-setup .

Right now, non-secure websocket connections are working, and secure web socket connections with a self-signed certificate are working as well. However, when I tried to use my actual ssl certificate, the server logs the following errors:

14864: 15:14:31.189 - Failed to locate certificate "*companyname.com" in store "MY"
14864: 15:14:31.189 - CService::OnException() - Exception: CreateCredentials() - No certificate available
14864: 15:14:31.189 - Server shutting down...

My photonserver.config file contains the settings for web socket listener like this:

<WebSocketListener
IPAddress="0.0.0.0"
Port="9090"
DisableNagle="true"
InactivityTimeout="10000"
OverrideApplication="mygameserver"
Secure = "true"
StoreName = "MY"
CertificateName = "*companyname.com"
UseMachineStore = "true">

I have tried setting UseMachineStore to false, leaving StoreName field as "default" or writing "Personal" there, it made no difference.

I have tried running the server on 2 machines. First one was a virtual machine hosted on Azure. In case I somehow messed up setting up the ssl on the VM, I tried a second machine, which is the server machine we're using for our backend etc. so I know that the ssl on the second one is set up properly.

Kinda out of ideas right now. I need wss, there is no alternative.

Comments

  • hi, @canberksoner

    what name is used to register your certificate?
    could you provide real config?

    best,
    ilya
  • Hi @chvetsov

    I've solved the issue, apparently there was a typo in the config file.

    However, I've run into another issue.

    After calling connect, SocketWebTcp object logs:

    DebugReturn: Exiting receive thread: Server: wss://:9090 Error: Abnormal disconnection.

    in the ReceiveLoop method.

    The server log says:

    2016: 16:58:54.371 - CTCPSocketServer::ReadCompleted - Exception - CTCPStreamProcessor::ProcessDataStream() - Invalid message format: 0x3 - 42 - 03 00 00 2A 25 E0 00 00 00 00 00 43 6F 6F 6B 69 65 3A 20 6D 73 74 73 68 61 73 68 3D 54 65 73 74 0D 0A 01 00 08 00 03 00 00 00 - ...*%......Cookie: mstshash=Test..........


  • please, provide config and logs.
    also what type and version of client lib are you using

    best,
    ilya
  • This is getting increasingly weird. I cannot reproduce the issue I mentioned above, because now my clients aren't able to establish a connection to the server.

    For the server, dll version is 4.0.28.11245.
    For the client, dll version is 4.1.1.6. (the zip file I downloaded says 4.1.1.7 but dll version is 4.1.1.6)

    Also, websocket-sharp.dll is 1.0.2.28118.

    Not sure what you mean by "type". We have imported the Photon3Unity3D.dll from one of the samples that come with Photon Unity3D sdk.

    On the client, after calling PhotonPeer.Connect (it returns true), following logs are written by SocketWebTcp.cs:

    DebugReturn: ReceiveLoop()
    DebugReturn: Exiting receive thread. Server: wss://168.63.141.128:9090 Error: Abnormal disconnection.



    Firefox console also says:
    Firefox can’t establish a connection to the server at wss://168.63.141.128/


    On Chrome, browser console says:
    WebSocket connection to 'wss://168.63.141.128/' failed: Error in connection establishment: net::ERR_CONNECTION_TIMED_OUT


    I'm not sure how to attach files to a post here, and I couldn't figure out how to post an xml content here without simple html attempting to parse it.
  • ok, i got it

    please send e-mail to developer at photonengine.com and attach everything i've asked. under 'type' of client lib i meant native, .net sdk PUN or whatever you are using from client side.
    also please inform me how do you send messages to server

    best,
    ilya
  • Done. Sent a mail including the files and explanations.
  • we got it
    thank you
    best,
    ilya
  • Writing here in case anyone else makes the same mistake:

    Our clients were trying to connect to the server using an IP address, which was causing the SSL to fail.

    I've set the clients to connect to subdomain.companyname.com (certificate is issued to *.companyname.com) and redirected subdomain.companyname.com to our server's IP, it worked.
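
Added example, not part of the thread and not Photon's code: a sketch of the host name check a TLS client applies to a certificate's DNS names, showing why the IP-based wss URL fails while subdomain.companyname.com passes. It assumes the certificate carries only the DNS name *.companyname.com (no IP address entries); the function names are hypothetical.

```python
import ipaddress

def is_ip_literal(host):
    """True when the connect target is an IPv4/IPv6 literal, not a DNS name."""
    try:
        ipaddress.ip_address(host.strip("[]"))
        return True
    except ValueError:
        return False

def dns_name_matches(pattern, host):
    """RFC 6125-style match of one certificate DNS name against a host name.

    A wildcard is honoured only as the entire left-most label and stands
    for exactly one label, so it covers neither the bare domain nor
    deeper sub-levels.
    """
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels) or "" in h_labels:
        return False
    if p_labels[0] == "*":
        # Require at least "*.domain.tld"; compare the labels right of "*".
        return len(p_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels

def check_target(host, cert_dns_names):
    """Return "ok" or a short failure reason for a wss:// connect target."""
    if is_ip_literal(host):
        # DNS names in a certificate are never compared with an IP literal.
        return "fail: IP literal, certificate carries DNS names only"
    if any(dns_name_matches(name, host) for name in cert_dns_names):
        return "ok"
    return "fail: no certificate name covers this host"

# Constructed sample data, using the placeholder names and address from the thread.
CERT_NAMES = ["*.companyname.com"]
TARGETS = ["168.63.141.128", "subdomain.companyname.com",
           "companyname.com", "a.b.companyname.com"]

if __name__ == "__main__":
    for target in TARGETS:
        print(f"wss://{target}:9090 -> {check_target(target, CERT_NAMES)}")
```

Running the check against every address the clients are configured with before deployment catches this class of failure without waiting for a browser's generic "can't establish a connection" message.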