1. Forum
  2. DOVE-Net
  3. Synchronet Discussion

  • websocket error Bad certificate

    From Ragnarok@VERT/DOCKSUD to DOVE-Net.Synchronet_Discussion on Wed Jun 24 23:39:44 2020
    i try to use ftelnet with my bbs

    i run nginx as webserver with letscrypt cert (using acme.sh as client)
    and

    my services ini:

    [WSS]


    Port=11235


    Options=NO_HOST_LOOKUP|TLS


    Command=websocketservice.js

    the error say bad certificate, can i set wich certificate must be uses
    by these service?


    Jun 24 23:32:28 scarlet synchronet: srvc 0216 WSS connection accepted
    from: 152.169.163.196 port 33252
    Jun 24 23:32:28 scarlet synchronet: srvc 0216 WSS JavaScript service
    thread started
    Jun 24 23:32:28 scarlet synchronet: term 0216 TLS ERROR 'Received TLS
    alert message: Bad certificate' (-1) popping data
    Jun 24 23:32:28 scarlet synchronet: srvc 0216 WSS Timeout exceeded while waiting for complete handshake
    Jun 24 23:32:28 scarlet synchronet: srvc 0216 WSS WebSocket handshake
    failed (likely a port scanner)
    Jun 24 23:32:28 scarlet synchronet: srvc 0216 WSS service thread
    terminated (0 clients remain, 6 total, 9 served)

    ---
    þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar
  • From Ragnarok@VERT/DOCKSUD to Ragnarok on Thu Jun 25 00:06:40 2020
    El 24/6/20 a las 23:39, Ragnarok escribi¢:
    i try to use ftelnet with my bbs

    i run nginx as webserver with letscrypt cert (using acme.sh as client)
    and

    fixed!

    i create a proxy url to the sbbs service at nginx:

    location /wstelnet {


    proxy_pass https://localhost:11235;


    # this magic is needed for WebSocket


    proxy_http_version 1.1;


    proxy_set_header Upgrade $http_upgrade;


    proxy_set_header Connection "upgrade";


    proxy_set_header Host $http_host;


    proxy_set_header X-Real-IP $remote_addr;


    }

    then set the path to ftelnet:


    var Options = new fTelnetOptions();
    Options.Hostname = "bbs.docksud.com.ar";
    Options.Port = 443;
    Options.ForceWss = true;
    Options.WebSocketUrlPath = '/wstelnet';
    Options.Font = 'CP850';
    var Client = new fTelnetClient('fTelnetContainer', Options);

    and voil !!!

    ---
    þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar
  • From echicken@VERT/ECBBS to Ragnarok on Wed Jun 24 23:38:13 2020
    Re: Re: websocket error Bad certificate
    By: Ragnarok to Ragnarok on Thu Jun 25 2020 00:06:40

    i run nginx as webserver with letscrypt cert (using acme.sh as client)
    and

    fixed!

    Glad you figured it out.

    i create a proxy url to the sbbs service at nginx:

    location /wstelnet {

    Options.WebSocketUrlPath = '/wstelnet';

    My setup is similar, however I don't use a custom path.

    I have nginx doing this:

    server {
    listen 1124 ssl;
    ...
    location / {
    proxy_pass http://localhost:1123;
    ...
    }
    }

    And in modopts.ini -> [web] I set the 'wssp' key to 1124, which overrides the port that fTelnet connects to for WSS.

    My method is *slightly* simpler because it doesn't require alterations to home.xjs and uses the config file instead, but your solution is equally valid.

    ---
    echicken
    electronic chicken bbs - bbs.electronicchicken.com
    ■ Synchronet ■ electronic chicken bbs - bbs.electronicchicken.com
  • From echicken@VERT/ECBBS to Ragnarok on Wed Jun 24 23:43:18 2020
    Re: Re: websocket error Bad certificate
    By: echicken to Ragnarok on Wed Jun 24 2020 23:38:13

    And in modopts.ini -> [web] I set the 'wssp' key to 1124, which overrides the port that fTelnet
    connects to for WSS.

    My method is *slightly* simpler because it doesn't require alterations to home.xjs and uses the
    config file instead, but your solution is equally valid.

    I should say that some of this only really applies if you're using webv4. I see that you have it here:

    https://bbs.docksud.com.ar/web/

    but you were probably talking about this page here:

    https://bbs.docksud.com.ar/telnet

    ---
    echicken
    electronic chicken bbs - bbs.electronicchicken.com
    ■ Synchronet ■ electronic chicken bbs - bbs.electronicchicken.com
  • From Ragnarok@VERT/DOCKSUD to echicken on Thu Jun 25 02:26:43 2020
    El 25/6/20 a las 00:43, echicken escribi¢:
    Re: Re: websocket error Bad certificate
    By: echicken to Ragnarok on Wed Jun 24 2020 23:38:13

    And in modopts.ini -> [web] I set the 'wssp' key to 1124, which overrides the port that fTelnet
    connects to for WSS.

    My method is *slightly* simpler because it doesn't require alterations to home.xjs and uses the
    config file instead, but your solution is equally valid.

    I should say that some of this only really applies if you're using webv4. I see that you have it here:

    https://bbs.docksud.com.ar/web/

    but you were probably talking about this page here:

    https://bbs.docksud.com.ar/telnet


    yeah! i use my main site with nginx on https://bbs.docksud.com.ar/telnet
    and /web is a proxy for the sbbs web server with webv4.

    now i fix to work the ftelnet on webv4 too as you suggested i use the modopts.ini (great tip!)

    i just only edit the 000-home.xjs to add the websocket path that i need:

    Options.WebSocketUrlPath= '<?xjs write(settings.wsspath || '');?>';

    if you can add this option for future releases i'm very graceful, maybe
    can be useful for other people too

    thanks you!!!

    ---
    þ Synchronet þ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar