Use Secure Websocket with PHP - Crypted handshake
https://stackoverflow.com/questions/11450428
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianВопрос
I read that (secure) Websocket are using the same ports that the HTTP(S) protocol. However, my PHP Websocket Server receive crypted handshake from clients, i'm listening to open connections on 12345 port.
My system works well through non-secure websocket but i need to add the secure feature and i don't understand why i receive these crypted handshakes. It would be transparent to me thanks to OSI model...
If I configure apache to activate the SSL engine and listening on 12345 port. I wont be able to use this port again for my PHP Websocket server because it will be then in state "already used"... or i have forgotten something...
I'm lost :(
EDIT:
Here is my secure websocket header (using wss://):
Request URL:wss://localhost:12345/
And here my simple websocket header (using ws://):
Request URL:ws://localhost:12345/
Request Method:GET
Status Code:101 Switching Protocols
Request Headersview source
Connection:Upgrade
Host:localhost:12345
Origin:http://localhost
Sec-WebSocket-Extensions:x-webkit-deflate-frame
Sec-WebSocket-Key:wovBDvKiKdy/+0Y2BQPr9w==
Sec-WebSocket-Version:13
Upgrade:websocket
(Key3):00:00:00:00:00:00:00:00
Response Headersview source
Connection:Upgrade
Sec-WebSocket-Accept:1ao7ngQG4LAa3JxFibyvoocbSAM=
Upgrade:websocket
(Challenge Response):00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
Why i get more without secure connection?
Решение
I read that (secure) Websocket are using the same ports that the HTTP(S) protocol
By default, yes - but you can override the port in both via the URL, consider:
http://www.example.com:443/
https://www.example.com:8080/
http://www.example.com:12345/
If something else is already listening on a particular port/address then you can't run a second server there - so if your webserver is already listening on port 443 (https) you won't be able to run a seperate websocket server on the same port.
Just leave you HTTPS server at 443 and run the ssl ws server at 12345.
Just saw your last comment.
SSL is not just about which port you listen on - the traffic is encrypted. If you want to handle wss traffic then you need an SSL capable server. There are various ways of implementing this it depends how you implemented the current server.
