Websocket timeout when upgrading insecure ws request to use wss

I’m trying to remotely access a Bela device. A webpage can be accessed on port 80 and certain parts of the webpage need a websocket connection (:5555) page to render. Locally the whole page works but remotely the websocket part fails to load. Firefox console gives me:

  • HTTPS-Only Mode: Upgrading insecure request “ws://bela.domain.app:5555/gui_data” to use “wss”.
  • Firefox can’t establish a connection to the server at wss://bela.domain.app:5555/gui_data.

Hi @nooisy. WebSockets require raw TLS termination (or raw TCP) to work in boringproxy. Are you using that?

Many thanks for your response @anders. I have just tested raw TLS termination. Server raw TLS gives me the same websocket errors as before and raw client gives me SSL_ERROR_INTERNAL_ERROR_ALERT.

Hm. Another problem I see is that it looks like you’re trying to access a specific port (5555) through the boringproxy server. By default boringproxy only works with TLS on port 443. You can use other ports, but you need to set “Tunnel Port: 5555” and “Allow External TCP: true”. This basically directly connects boringproxy port 5555 to whatever local port you’re using on the client machine. This also means you won’t get any TLS termination by default, which it looks like Firefox might be forcing. If that’s the case you’ll need to terminate TLS yourself. Things can get pretty complicated at that point.

The ideal solution would probably be if you could configure the WebSockets to use TLS somehow (port 443) on a separate domain, and set up a separate tunnel (with raw TLS) so that boringproxy handles the TLS, but the WebSocket connection is passed through unencrypted.
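The layout suggested in the last reply, sketched as an added example that is not part of the thread or of Bela's or boringproxy's code: the page picks its WebSocket endpoint from its own scheme, and a small check reports why an endpoint would fail. The host `bela-ws.domain.app` is a hypothetical second domain assumed to be tunnelled with raw TLS on port 443; the port 5555 and the path `/gui_data` come from the thread.

```javascript
// Added example. WS_TLS_HOST is a hypothetical second domain whose tunnel
// terminates TLS on 443 and passes the WebSocket through unencrypted.
const WS_TLS_HOST = "bela-ws.domain.app"; // assumption, not from the thread
const WS_PLAIN_PORT = 5555;               // port named in the thread
const WS_PATH = "/gui_data";              // path named in the thread

// Choose the WebSocket URL that matches how the page itself was loaded.
function websocketUrlFor(pageUrl) {
  const page = new URL(pageUrl);
  if (page.protocol === "https:") {
    // Secure page: go straight to wss on the default TLS port (443).
    return `wss://${WS_TLS_HOST}${WS_PATH}`;
  }
  if (page.protocol === "http:") {
    // Plain local access: same host, dedicated WebSocket port.
    return `ws://${page.hostname}:${WS_PLAIN_PORT}${WS_PATH}`;
  }
  throw new Error(`unsupported page scheme: ${page.protocol}`);
}

// List the reasons an endpoint would fail, given the ports on which
// something actually terminates TLS (443 only, by assumption).
function checkEndpoint(pageUrl, wsUrl, tlsPorts = [443]) {
  const page = new URL(pageUrl);
  const ws = new URL(wsUrl);
  // URL.port is "" when the scheme's default port is used.
  const port = Number(ws.port) || (ws.protocol === "wss:" ? 443 : 80);
  const problems = [];
  if (page.protocol === "https:" && ws.protocol === "ws:") {
    problems.push("ws:// from an https page is blocked or upgraded to wss://");
  }
  if (ws.protocol === "wss:" && !tlsPorts.includes(port)) {
    problems.push(`wss:// targets port ${port}, where nothing terminates TLS`);
  }
  return problems;
}
```

Calling `checkEndpoint` with the upgraded URL from the Firefox console, `wss://bela.domain.app:5555/gui_data`, returns the port 5555 problem, while the URL returned by `websocketUrlFor` for an https page returns none.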