Socket.io ERR_SSL_PROTOCOL_ERROR

Setup:

  • centOS 7
  • Apache (httpd package)
  • https (letsencrypt)
  • subdomain
  • socket.io running on port 3000, v4
  • connection via socket-admin ui
  • vps

I have checked this question, and it didn’t work for me, and I’ve tried all options: How to connect to socket io via ssl, serving files by apache2

Either my setup is wrong or my apache config. I’m not sure how to setup it well at this point. The SocketIO server should be running on https.

Running DEBUG=socket* node app.js will print out the url of the VPS as a hostname and serverId instead of the domain, which is… a part of the issue? I’m not sure.

app.js (I’ve tried changing https to http and removing the keys from the options of the server).

with https => net::ERR_SSL_VERSION_OR_CIPHER_MISMATCH, with http => net::ERR_SSL_PROTOCOL_ERROR

import express from "express";
const app = express();

import fs from "fs"
import {createServer} from "https";
const httpServer = createServer(app);
import {Server} from "socket.io";
import {instrument} from "@socket.io/admin-ui"

const io = new Server(httpServer, {
  key: fs.readFileSync('/etc/letsencrypt/live/mydomain/privkey.pem'),
  cert: fs.readFileSync('/etc/letsencrypt/live/mydomain/cert.pem'),
  ca: fs.readFileSync('/etc/letsencrypt/live/mydomain/chain.pem'),
  allowRequest: (request, callback) => {
    //let ipAddress = request.connection.remoteAddress
    //let origin = request.headers.origin
    //let userAgent = request.headers['user-agent']

    callback(null, true);
  },
  cors: {
    origin: ["https://admin.socket.io"],
    credentials: true,
  },
  path: "/websocket/socket",
});

httpServer.listen(3000, () => {
  API.initConnection()
})

My Apache conf

<VirtualHost *:80>
    DocumentRoot /var/www/mydomain

    ServerName mydomain

    <Directory "/var/www/mydomain">
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
    </Directory>

    LogLevel debug  ssl:info
        SSLEngine on

        Include /etc/letsencrypt/options-ssl-apache.conf
        SSLCertificateFile /etc/letsencrypt/live/mydomain/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/mydomain/privkey.pem

        RewriteEngine On
        #RewriteCond %{SERVER_NAME} =mydomain [OR]
        #RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
        RewriteCond %{REQUEST_URI}  ^/websocket/socket          [NC]
        RewriteCond %{QUERY_STRING} transport=websocket    [NC]
        RewriteCond %{HTTP:Upgrade} websocket              [NC]
        RewriteCond %{HTTP:Connection} upgrade             [NC]
        RewriteRule /(.*)           wss://localhost:3000/$1 [P,L]

        #ProxyPass "/websocket/socket" "http://localhost:3000/websocket/socket"
        #ProxyPassReverse "/websocket/socket  " "http://localhost:3000/websocket/socket"

</VirtualHost>

Your help is much appreciated.