EzyFox Server Config Websocket SSL

Updated at 1703915396000

For letsencrypt

1. Install certbot or your server that contains ezyfox server by running:

sudo apt install certbot python3-certbot-nginx

2. Create a certificate by running and follow by certbot instructions:

sudo certbot

3. Create keystore file. Example your domain is: ws.tvd12.com, you can run:

openssl pkcs12 -export -in /etc/letsencrypt/live/ws.tvd12.com/cert.pem -inkey /etc/letsencrypt/live/ws.tvd12.com/privkey.pem -out certificate.p12 -name "certificate"
keytool -importkeystore -srckeystore certificate.p12 -srcstoretype pkcs12 -destkeystore ssl-keystore.txt

Now, you will have a keystore file named: ssl-keystore.txt. Let's say you did input the password of the certificate and the keystore file is 123456. You need to:

  • copy ssl-keystore.txt file to ezyfox-server/settings/ssl folder.
  • update content of ssl-keystore-password.txt and ssl-certificate-password.txt files to set the password 123456 without any space or empty line.

For ssls.com

1. You can buy an SSL certificate on ssls.com, let's say you will buy for domain ws.stackask.com.

2. You wil get 2 files ws_stackask_com_key.zip and ws.stackask.com.zip, unzip them and you will get.

  • ws_stackask_com_key.txt
  • ws.stackask.com.ca-bundle
  • ws.stackask.com.crt
  • ws.stackask.com.p7b

3. Now you need run 2 commands to generate keystore file, in that steps you will need choose password, let's say it's 123456.

openssl pkcs12 -export -in ws.stackask.com.crt 
	-inkey ws_stackask_com_key.txt 
	-out ws_stackask_com.p12
keytool -importkeystore -srckeystore ws_stackask_com.p12 
        -srcstoretype PKCS12 
        -destkeystore ws.stackask.keystore.jks 
        -deststoretype JKS

If you get error, you can use this command:

keytool -v -importkeystore -srckeystore ws_stackask_com.p12 
	-srcstoretype PKCS12 -destkeystore  ws.stackask.keystore.jks 
	-deststoretype JKS

And then you will receive ws.stackask.keystore.jks.

  1. You need copy ws.stackask.keystore.jks to ezyfox-server/settings/ssl.
  2. You need rename file ws.stackask.keystore.jks to ssl-keystore.txt.
  3. Because you set password is 123456 in above step, so now you need open 2 files: ssl-keystore-password.txt, ssl-certificate-password.txt and replace their content with 123456.

Start server

Start ezyfox-server with ./console.sh or ./start-service.sh

After server start finish, you can open hello-ezyfox-server.html 9. Enter url is: wss://ws.stackask.com/ws, your name and click Connect. Enjoy!

Next step

You can setup SSL for TCP and UDP socket.