johnlauer/serial-port-json-server

Secure Websocket Issue

andreldc opened this issue · 6 comments

Hi, johnlauer!

Your Serial Port JSON Server is really amazing and worked fine for me in my testing environment, which uses HTTP. It happens that my final application uses HTTPS and modern browsers won't allow insecure websockets in a secure connection (https://codereview.chromium.org/248863003/).

I took a glance at the source code (even not knowing much about Go) and I think that SPJS doesn't accept secure sockets, right? If so, is there any hope for me?!

I was starting to write a JavaScript connector to make it easier to use. If you like, I can send you the code so you can share it along with the SPJS.

Thanks!

Andre Costa

I'd love to see secure sockets support. I think you're going down a tough road as folks won't just be able to plug and play anymore, rather they'll have to create their private/public key pair and install it. I suggest you create a global one that everyone can use out of the box, but I bet you'll get folks complaining how insecure that is.

Take a look at this fork by the Arduino guys to see if you can borrow some of their wss:// code. It looks like they rolled back their changes for that, but maybe there are some gold nuggets for you. If you make these, I'd love a pull request so I can get them into the mainline.

-John

I'd like to second this request. My app (https://grid.space/kiri) has to serve over https to be integrated into Onshape. But I deeply wish to send directly to the serial port server instead of tabbing out to another http app.

Since the new Arduino Web IDE is based on SPJS, the Arduino team added SSL to SPJS. So, it may not be that bad to add SSL now. I am not sure if generating the certificates is hard, but their installer actually adds fake root certificates to your local browser. So, the cert could be the hardest part. You up for trying to integrate?

Oops. Didn't mean to close.

Well, it was easy enough to set up stunnel to front the serial-port-json-server for wss:// and all is well now. Sadly, I have no Go skills to help out here.

That sounds like a decent approach, but if you're trying to have lots of users install SPJS, that will cause lots of weirdness for them to set up.
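
Added example, not part of the thread and not SPJS or Arduino code: the thread weighs one shared "global" key pair against an installer that adds root certificates. A third option is to generate the key and a non-CA certificate for localhost on each machine, which a TLS front end such as stunnel or a Go `tls.Config` can then serve. The name `newLocalCert` and the one-year validity are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// newLocalCert (hypothetical helper) makes a per-install key pair and a self-signed non-CA leaf for localhost.
func newLocalCert() (tls.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return tls.Certificate{}, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 127))
	if err != nil {
		return tls.Certificate{}, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: "localhost"},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().AddDate(1, 0, 0), // assumed validity period
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		DNSNames:              []string{"localhost"},
		IPAddresses:           []net.IP{net.IPv4(127, 0, 0, 1)},
		BasicConstraintsValid: true, // IsCA is false: this key cannot sign other certificates
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return tls.Certificate{}, err
	}
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, nil
}

func main() {
	cert, err := newLocalCert()
	if err != nil {
		panic(err)
	}
	fmt.Printf("generated leaf certificate, %d DER bytes\n", len(cert.Certificate[0]))
}
```

The browser still has to be told to trust this one certificate, but because it is a leaf and each install has its own key, a key taken from one machine cannot impersonate the server on another or vouch for any other site.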