Good morning, I would like to move my web server from a non secure (http:) version to a secure one (https:). My server is an ".exe" file developped in C# using HttpServer and installed at home and reachable through my box provider (NAT) and locally of course.
My code:
- Working Http:
m_httpServer = new HttpServer(80); m_httpServer.AddWebSocketService("/ws");
and in my javasctipt file : var webSocket = new WebSocket("ws://127.0.0.1:80/ws");
- Not working Https: m_httpServer = new HttpServer(444, true); m_httpServer.SslConfiguration.ServerCertificate = new X509Certificate2("dvacomdomserver.crt"); m_httpServer.AddWebSocketService("/wss");
and in my javasctipt file : var webSocket = new WebSocket("wss://127.0.0.1:444/ws");
Note : I use port 444 instead 443 because looks like it is used already when "netstat -a"
I built key and self signed certificate using openssl by these 3 commands: openssl genrsa -out dvacomdomserver.key 2048 openssl req -new -key dvacomdomserver.key -out dvacomdomserver.csr -subj "/C=FR/ST=Vosges/L=StJulien/O=DVACom/OU=DVACom/CN=localhost" -addext "subjectAltName = IP:127.0.0.1" openssl x509 -req -days 365 -in dvacomdomserver.csr -signkey dvacomdomserver.key -out dvacomdomserver.crt These 3 files are in the exe running folder and I imported the "dvacomdomserver.csr" certificat in the trust root certification authority (Do I have something else to do?)
When the server starts, everything looks ok (no error message about certificat for example) but when I try to connect by opening the web site in Edge, I got a "failed to connect" message.
ALso when I try to spy the message on "tcp port = 444" with Wireshark there is no traffic at all. I think the connection request doesn't go out the Edge browser because I cannot see annything in my programm debuging with Visual Studio.
Also I deactivated my firewall.
Another point if it works, how to create a signed certificat with Let's Encript if there is no domain. I reach my site with "http://xx.xx.xx.xx:yyyy". Box Public Address and port. and Certbot asks for a domain.
As I am not an expert on SSL, I wonder if I forgot to do something because I saw a lot of examples which looks very simple. So maybe something like a bad certificate installation?
I hope I've been clear. Don't hesitate to ask me more clarification.
Thank you very much.
Best regards.
DVaCom / Dominique Vagney