deepstream.io: Cant run with LetsEncrypt SSL cert

I have tried Ubuntu install (v3.2.3) and Docker version (v3.2.2). I get the error below which I identified comes from uWebSockets library. My guess would be loading cert files as strings and passing those to uWS which tries to load those as paths.

(node:29066) UnhandledPromiseRejectionWarning: App construction failed
(node:29066) UnhandledPromiseRejectionWarning: Unhandled promise rejection. This error originated either by throwing inside of an async function without a catch block, or by rejecting a promise which was not handled with .catch(). (rejection id: 1)
(node:29066) [DEP0018] DeprecationWarning: Unhandled promise rejections are deprecated. In the future, promise rejections that are not handled will terminate the Node.js process with a non-zero exit code.
PLUGIN_ERROR | connectionEndpoint wasn't initialised in time
/etc/deepstream/src/utils/dependency-initialiser.js:94
    throw error
    ^

Error: connectionEndpoint wasn't initialised in time
    at DependencyInitialiser._onTimeout (/etc/deepstream/src/utils/dependency-initialiser.js:92:19)
    at ontimeout (timers.js:436:11)
    at tryOnTimeout (timers.js:300:5)
    at listOnTimeout (timers.js:263:5)
    at Timer.processTimers (timers.js:223:10)```


Config
# SSL Configuration
sslKey: /etc/letsencrypt/live/nonp-deepstream.dsgapps.dk/privkey.pem
sslCert: /etc/letsencrypt/live/nonp-deepstream.dsgapps.dk/fullchain.pem
sslDHParams: /etc/deepstream/dhparam4096.pem
#sslPassphrase: null

About this issue

  • Original URL
  • State: closed
  • Created 5 years ago
  • Comments: 17 (10 by maintainers)

Most upvoted comments

Had to get Deepstream SSL working to test out WebRTC examples (browser getUserMedia requires content to be served from HTTPS which then requires the WebSocket to be WSS)

    # SSL Configuration
    sslKey: null
    sslCert: null
    sslDHParams: null
    sslPassphrase: null

The above options are incorrect.

https://github.com/deepstreamIO/deepstream.io/blob/master/src/connection-endpoint/uws/connection-endpoint.ts Looking through endpoint source , I picked up that options are named keyFileName and certFileName instead of sslKey and sslCert

This makes Deepstream provide a functional WSS. This is however not indicated from INFO messages when starting DS, which could be nice.

By the way, with a self-signed certificate, browser is gonna refuse the connection (even though same certificate is already bypassed for the content on same hostname). This can be overcome by browsing to https://localhost:6020/deepstream and bypassing it there.

+1
thorsby on Sep 17, 2019
Read more comments on GitHub
← haystack: Weaviate error when updating embeddings
deepstream.io: Invalid state transition. Details: {"transition":"MERGED","state":"READY"}  →