Why doesn’t Webkit accept my simple websocket? – Blancer.com Tutorials and projects

I’m relatively new to websockets. I have a simple secure websocket system that does what I need it to do. I’ve been using it in my application for months, and it’s been going great, but it only works in Gecko and Blink, not Webkit. Webkit gives me this error.

WebSocket connection to 'wss://[domain]:8082/' failed: Unacceptable TLS certificate

I’m gonna be honest. I didn’t know what a TLS certificate is XD I’ve never heard about TLS in all my years of web development. After looking it up, it appears to be synonymous with SSL, so I assume Webkit doesn’t like my SSL certificate for some reason. Please tell me if that’s not what it means.

So why would that be? Why would Webkit not accept my SSL certificate when the other browser engines do, without a single complaint?

Here is the initial part of my server-side code in Nodejs.

var fs=require("fs")
;var https=require("https")
;var ws=require("ws")
;var server=https.createServer
(
    {
        cert:fs.readFileSync([path to the certificate])
        ,key:fs.readFileSync([path to the key])
    }
    ,function(request,response)
    {
        response.setHeader("Access-Control-Allow-Origin","https://[domain]")
        ;if(request.method==="OPTIONS")
        {
            response.writeHead(200)
            ;response.end()
        }
        else
        {
            response.writeHead(405)
            ;response.end()
        }
    }
)
;var websocketServer=new ws.Server({server:server})
;server.listen(8082)

On the client side, the connection is made with one simple line.

var websocket=new WebSocket("wss://[domain]:8082")

This is pretty standard stuff I think. I would expect it to work across all major browsers, but Webkit apparently says no.

Extra question: Is there perhaps an easy way I’m unaware of to automatically update which SSL certificate my code selects to give out? Whenever I get a new one every few months or so, I manually edit the code to point to that most recent one. But if I get a new one in the middle of the night, that means my application will be broken until I wake up. The actual certificate files have drastically different names each time, and the directory they’re in also contains certificates for other domains and subdomains, so I can’t figure out a reliable algorithmic way to select the right one automatically.