TLS Handshake failure

[schungx]

Using client.connect(None) to connect to a wss:// endpoint, but got TLS Handshake failure.

Connecting to ws:// endpoint works just fine.

Tool-chain: stable-i686-pc-windows-gnu
Environment: Windows 10 x64

Is there any way to diagnose the problem? Any pointers?

[vi]

What environment are you connecting WebSocket from? Browser or Node?

Assuming it's browser, try pasting the websocket address, but with https:// instead of wss:// to address line and opening it. You would probably see "invalid self-signed certificate" page like "proceed, I know what I am doing / add to trusted certificates" about poor TLS setup. Once you force thgouh (you would probable see WebSocat's message "Only WebSocket connections are welcome here" or similar), client.connect may start working (at least until browser restart).

[schungx]

I'm opening up a WebSocket client connection on a Rust console program with websockets-rs. Not going thru a browser at all.

I am wondering, do I need to setup a certificate or some weird stuff to connect via wss://? The server uses a self-signed certificate (it is a testing server). So do you think the self-signed certificate is the problem?

If so, the error message of TLS Handshake failure is not very helpful at all...

[vi]

Are you connecting one Websocat to the other Websocat?

Maybe you want --insecure (-k) option.

[schungx]

Nope. The other side is a standard WebSocket listener service. It just uses a self-signed certificate (it is a testing env).

Using a browser to connect and accepting the self-signed certificate works just fine.

With this lib, using connect_insecure of course works fine, but it will be connecting on ws:// protocol.

Using connect with wss:// protocol generates the handshake failure.

Main question is how to diagnose such a failure. Is there anywhere I can inspect the cause of this failure?