The WebSocket connection starts its life with an HTTP or HTTPS handshake. When the page is accessed through HTTP, you can use WS or WSS (WebSocket secure: WS over TLS) . However, when your page is loaded through HTTPS, you can only use WSS - browsers don&#39;t allow to &quot;downgrade&quot; security.

You can&#39;t use WebSockets over HTTPS, but you can use WebSockets over TLS (HTTPS is HTTP over TLS). Just use &quot;wss://&quot; in the URI.

I believe recent version of Firefox won&#39;t let you use non-TLS WebSockets from an HTTPS page, but the reverse shouldn&#39;t be a problem.

1 additional caveat (besides the answer by kanaka/peter): if you use WSS, and the server certificate is not acceptable to the browser, you may not get _any browser rendered dialog_ (like it happens for Web pages). This is because WebSockets is treated as a so-called &quot;subresource&quot;, and certificate accept / security exception / whatever dialogs are not rendered for subresources.

To support the answer by @oberstet, if the cert is not trusted by the browser (for example you get a &quot;this site is not secure, do you want to continue?&quot;) one solution is to open the browser options, navigate to the certificates settings and add the host and post that the websocket server is being served from to the certificate provider as an exception.

for example add &#39;example-wss-domain.org:6001&#39; as an exception to &#39;Certificate Provider Ltd&#39;.

In firefox, this can be done from &#39;about:preferences&#39; and searching for &#39;Certificates&#39;

I wrote REST service using ASP.NET Web API.
I&#39;m trying to send HttpDelete request, however I get the following error:

&gt; 405 - HTTP verb used to access this page is not allowed

I think I&#39;m close to the solution, I found out that I should enable IIS remote management , go to Handler Mappings section and add DELETE verb to the appropriate position...
but the problem is that there is a lots of different positions on the list...
(sth like here: http://www.somacon.com/p126.php).

Which one should I edit? 
Few of them don&#39;t have extension, e.g. &quot;ExtensionUrlHandler-Integrated-4.0&quot; and I added DELETE verb to it, but it still doesn&#39;t work...

It was just a shot in the dark to modify that one, so should I modify different position? If so, which one? Or maybe is there anything more what I should do?

The same web service work perfectly fine on my local service, so I guess the problem is with the remote IIS...

Greetings

Asp.NET Web API - 405 - HTTP verb used to access this page is not allowed - how to set handler mappings

I&#39;m using JPA (EclipseLink) and Spring. Say I have a simple entity with an auto-generated ID:
    
    @Entity
    public class ABC implements Serializable {
         @Id
         @GeneratedValue(strategy=GenerationType.IDENTITY)
         private int id;
         
         // ...
    }

In my DAO class, I have an insert method that calls `persist()` on this entity. I want the method to return the generated ID for the new entity, but when I test it, it returns `0` instead.

    public class ABCDao {
        @PersistenceContext
        EntityManager em;

        @Transactional(readOnly=false)
        public int insertABC(ABC abc) {
             em.persist(abc);
             // I WANT TO RETURN THE AUTO-GENERATED ID OF abc
             // HOW CAN I DO IT?
             return abc.id; // ???
        }
    }

I also have a service class that wraps the DAO, if that makes a difference:

    public class ABCService {
        @Resource(name=&quot;ABCDao&quot;)
        ABCDao abcDao;

        public int addNewABC(ABC abc) {
             return abcDao.insertABC(abc);
        }
    }

JPA - Returning an auto generated id after persist()

Is it possible to have WebSockets with HTTPS?

When switching to HTTPS, my WebSocket returns a security error and works perfectly with regular HTTP.

Below, a snippet;

    socket = new WebSocket(&quot;ws://my_www:1235&quot;); 


WebSocket with SSL

Is it possible to have WebSockets with HTTPS?
When switching to HTTPS, my WebSocket returns a security error and works perfectly with regular HTTP.
Below, a snippet;
<pre><code class="hljs language-ini">socket = new WebSocket("ws://my_www:1235"); 
</code></pre>

If I go to www.example.com which has an image on the page that links to assets.example.com which is a CNAME for assets.example2.com. 

Will I get the green lock even if assets.example2.com does not have a certificate, but assets.example.com does?

CNAME SSL certificates

Running the following code, I get an exception:

    using (var client = new Pop3Client())
    {
        client.Connect(provider.ServerWithoutPort, provider.Port, true);
    }

The Exception I get:

    The remote certificate is invalid according to the validation procedure.
    
    
       at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
       at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
       at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost, X509CertificateCollection clientCertificates, SslProtocols enabledSslProtocols, Boolean checkCertificateRevocation)
       at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
       at OpenPop.Pop3.Pop3Client.Connect(String hostname, Int32 port, Boolean useSsl, Int32 receiveTimeout, Int32 sendTimeout, RemoteCertificateValidationCallback certificateValidator)
       at OpenPop.Pop3.Pop3Client.Connect(String hostname, Int32 port, Boolean useSsl)
       at Ugi.Server.Sources.Logic.SourcesService.IsValidPop3Connection(String email, String emailPassword) in C:\Users\elad\Documents\Visual Studio 2010\Projects\SVN\UGI\Ugi\Server\Sources\Logic\SourcesService.cs:line 246

The remote certificate is invalid according to the validation procedure

I am new to Curl and Cacerts world and facing a problem while connecting to a server.
Basically, I need to test connectivity over https from one machine to another machine.
I have a URL to which I need to connect from Machine A (a linux machine)
I tried this on command prompt

    cmd&gt; curl https://[my domain or IP address]

 and got the following:

    curl: (60) SSL certificate problem, verify that the CA cert is OK. Details:
    error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

On going through some articles over internet I did this:

    openssl s_client -connect &lt;domain name or Ip address&gt;:443

 and got some response including the
server certificate (inside `-----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----`).


What should I do next from here. I think, I will have to just copy paste the text inside
`BEGIN CERTIFICATE &amp; END CERTIFICATE` and save it in a file.
But, 
What type of file it should be? `.pem`, `.crt` ?..
What should I be do after that?

I tried this - copied the text inside `BEGIN CERTIFICATE &amp; END CERTIFICATE` and saved it in a `.crt` file  - named it as `my-ca.crt` (also tried the same thing by naming it as `my-ca.pem` file)
and then did this:

    cmd&gt;curl --cacert my-ca.crt https://[my domain or IP address]

But got the same error.


https connection using CURL from command line

I&#39;m adding HTTPS support to an embedded Linux device. I have tried to generate a self-signed certificate with these steps:

    openssl req -new &gt; cert.csr
    openssl rsa -in privkey.pem -out key.pem
    openssl x509 -in cert.csr -out cert.pem -req -signkey key.pem -days 1001
    cat key.pem&gt;&gt;cert.pem

This works, but I get some errors with, for example, Google Chrome:

&gt; This is probably not the site you are looking for!&lt;br&gt;
&gt; The site&#39;s security certificate is not trusted!

Am I missing something? Is this the correct way to build a self-signed certificate?


How to generate a self-signed SSL certificate using OpenSSL?

When I run `bundle install` for my Rails 3 project on Centos 5.5 it fails with an error:

    Gem::RemoteFetcher::FetchError: SSL_connect returned=1 errno=0 state=SSLv3 
    read server certificate B: certificate verify failed 
    (https://bb-m.rubygems.org/gems/multi_json-1.3.2.gem)
    An error occured while installing multi_json (1.3.2), and Bundler cannot continue.
    Make sure that `gem install multi_json -v &#39;1.3.2&#39;` succeeds before bundling.

When I try to install the gem manually (by `gem install multi_json -v &#39;1.3.2&#39;`) it works. The same problem occurs with several other gems. I use RVM (1.12.3), ruby 1.9.2, bundler 1.1.3. 

How to fix it?

bundle install fails with SSL certificate verification error

I am building a small chat application for friends, but unsure about how to get information in a timely manner that is not as manual or as rudimentary as forcing a page refresh.

Currently, I am implementing this using simple AJAX, but this has the disadvantage of regularly hitting the server when a short timer elapses.

In researching long/short polling, I ran across HTML5 WebSockets. This *seems* easy to implement, but I&#39;m not sure if there are some hidden disadvantages. For example, I think WebSockets is only supported by certain browsers. Are there other disadvantages to WebSockets that I should be aware of?

Since it seems like both technologies do the same thing, in what sorts of scenarios would one prefer to use one over the other? More specifically, has HTML5 WebSockets made AJAX long/short polling obsolete, or are there compelling reasons to prefer AJAX over WebSockets?

In what situations would AJAX long/short polling be preferred over HTML5 WebSockets?

What are the differences between socket.io and websockets in
    node.js?  
Are they both server push technologies?
The only differences I felt was,

1. socket.io allowed me to send/emit messages by specifying an event name.

2. In the case of socket.io a message from server will reach on all clients, but for the same    in websockets I was forced to keep an array of all connections and loop through it to send messages to all clients.

Also,
I wonder why web inspectors (like Chrome/firebug/fiddler) are unable to catch these messages (from socket.io/websocket)  from server?

Please clarify this.

Differences between socket.io and websockets

I don&#39;t understand why I cannot make the following code work. I want to connect with JavaScript to my server console application. And then send data to the server.

Here is the server code:

        static void Main(string[] args)
        {            
            TcpListener server = new TcpListener(IPAddress.Parse(&quot;127.0.0.1&quot;), 9998);
            server.Start();
            var client = server.AcceptTcpClient();
            var stream = client.GetStream();

            while (true)
            {
                var buffer = new byte[1024]; 
                // wait for data to be received
                var bytesRead = stream.Read(buffer, 0, buffer.Length);                
                var r = System.Text.Encoding.UTF8.GetString(buffer);
                // write received data to the console
                Console.WriteLine(r.Substring(0, bytesRead));
            }
        }


and here is the JavaScript:


            var ws = new WebSocket(&quot;ws://localhost:9998/service&quot;);
            ws.onopen = function () {
                ws.send(&quot;Hello World&quot;); // I WANT TO SEND THIS MESSAGE TO THE SERVER!!!!!!!!
            };

            ws.onmessage = function (evt) {
                var received_msg = evt.data;
                alert(&quot;Message is received...&quot;);
            };
            ws.onclose = function () {
                // websocket is closed.
                alert(&quot;Connection is closed...&quot;);
            };

When I run that code this is what happens:

[![][1]][1]

Note that when I run the JavaScript the server accepts and successfully establishes a connection. JavaScript is not able to send data though. Whenever I place the send method it will not send even though a connection is established. How can I make this work?

  [1]: http://i.stack.imgur.com/pgnSt.png
  [2]: http://stackoverflow.com/users/1312722/maksims-mihejevs
  [3]: http://i.stack.imgur.com/xsmZh.jpg

Creating a &quot;Hello World&quot; WebSocket example

I finally got `Socket.IO` to work properly, but I have encountered a strange problem.

I am not sure if this is the best way, but I am using:

    io.sockets.clients().length

This returns the number of clients connected to my server. The problem is after a few connects and disconnects of users, the number starts to stay higher than it should be.

For instance, if I connect and ask my friends to, the number goes up which is correct. But when we start to disconnect and reconnect the number does not decrease.

I am running the `Node.js` and `Socket.IO` server on a [VMware][1] [Ubuntu][2] server.

Why is this or is there a better method for finding out how many people are connected to the server?

  [1]: https://en.wikipedia.org/wiki/VMware
  [2]: https://en.wikipedia.org/wiki/Ubuntu_%28operating_system%29




Socket.IO Connected User Count

I&#39;ve been using WebSockets for a while now, I have chosen to create an Agile project management tool for my final year project at University utilizing Node server and WebSockets. I found using WebSockets provided a 624% increase in the number of requests per second my application could process.

However since starting the project I&#39;ve read of security loopholes, and some browsers choosing to disable WebSockets by default..

**This leads me to the question:**

Why use AJAX when WebSockets seems to do such a great job of lowering latency and resource overhead, is there anything that AJAX does better than WebSockets?

Content Type	Original Author	Original Content on Stackoverflow
Question	Eric	View Question on Stackoverflow
Solution 1 - Ssl	Peter Moskovits	View Answer on Stackoverflow
Solution 2 - Ssl	kanaka	View Answer on Stackoverflow
Solution 3 - Ssl	oberstet	View Answer on Stackoverflow
Solution 4 - Ssl	Iggs_Grey	View Answer on Stackoverflow

WebSocket with SSL

Ssl Problem Overview

Ssl Solutions

Solution 1 - Ssl

Solution 2 - Ssl

Solution 3 - Ssl

Solution 4 - Ssl

JPA - Returning an auto generated id after persist()

Asp.NET Web API - 405 - HTTP verb used to access this page is not allowed - how to set handler mappings

Attributions