2016-10-25 19:15

php / javascript中的SSL websocket


I am currently working on a real time notification service using websocket using TLS/SSL (wss://).
I have some problem for the handshake between the browser and the server. Everything works fine with a server and a client in php but when I use the JS's websocket to connect to the server, it fails because I don't know how to handle the handshake in server-side (from a browser).

So far my code for the server is :

$host = '';
$port = '9000';
$null = NULL;

$context = stream_context_create();

// local_cert must be in PEM format
stream_context_set_option($context, 'ssl', 'local_cert', "cert.pem");
stream_context_set_option($context, 'ssl', 'local_pk', "key.pem");
// Pass Phrase (password) of private key
stream_context_set_option($context, 'ssl', 'passphrase', "test");
stream_context_set_option($context, 'ssl', 'allow_self_signed', true);
stream_context_set_option($context, 'ssl', 'verify_peer', false);

// Create the server socket
$server = stream_socket_server('ssl://' . $host . ':' . $port, $errno, $errstr, STREAM_SERVER_BIND | STREAM_SERVER_LISTEN, $context);

if ($server == false) {
    die ("Could no create the server.");

//start endless loop

while (true) {
    $buffer = '';
    print "waiting...";
    $client = stream_socket_accept($server);
    print "accepted " . stream_socket_get_name($client, true) . "
    if ($client) {
        stream_set_blocking($client, true); 
        // TODO : handshaking
        stream_set_blocking($client, false);

        // Respond to php client (test only)
        /*fwrite($client, "200 OK HTTP/1.1
            . "Connection: close
            . "Content-Type: text/html
            . "
            . "Hello World!");
    } else {
        print "error.

Nothing is stated about the SSL handshake on the RFC WebSocket.
If anyone has some idea on how to implement a handshake, it would be greatly appreciated.

  • 点赞
  • 写回答
  • 关注问题
  • 收藏
  • 复制链接分享
  • 邀请回答


  • dongpinyao2203 dongpinyao2203 5年前

    Nothing is stated about the SSL handshake on the RFC WebSocket.

    wss:// is just ws:// inside a SSL connection, same as HTTPS is just HTTP inside a SSL connection. There is nothing special, i.e. you just need to speak the WebSocket protocol on the SSL stream after the successful SSL handshake.

    点赞 评论 复制链接分享