For anyone else looking for help: I figured it out!
This uses a self-signed certificate, generated with Go's `crypto/tls`.
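// GenX509KeyPair generates a fresh, self-signed TLS key pair for the server.
//
// The certificate names "quickserve.example.com" as both subject and issuer,
// is valid for one day from the moment of the call, and is backed by a newly
// generated 2048-bit RSA key. Because it is self-signed, a client can only
// authenticate the server if it pins or explicitly trusts this exact
// certificate; nothing in a public trust store will vouch for it.
//
// On failure it returns the zero tls.Certificate and the underlying error.
func GenX509KeyPair() (tls.Certificate, error) {
	const host = "quickserve.example.com"

	// Use a random 128-bit serial instead of the Unix timestamp: a
	// time-derived serial is predictable and repeats when two certificates
	// are minted within the same second.
	serialLimit := new(big.Int).Lsh(big.NewInt(1), 128)
	serial, err := rand.Int(rand.Reader, serialLimit)
	if err != nil {
		return tls.Certificate{}, err
	}

	now := time.Now()
	template := &x509.Certificate{
		SerialNumber: serial,
		Subject: pkix.Name{
			CommonName: host,
			// countryName is a two-letter ISO 3166 code; "USA" is not valid.
			Country:            []string{"US"},
			Organization:       []string{"example.com"},
			OrganizationalUnit: []string{"quickserve"},
		},
		// Hostname verification is done against the subjectAltName; current
		// Go clients ignore CommonName, so without this entry the
		// certificate never matches its own host name.
		DNSNames:  []string{host},
		NotBefore: now,
		NotAfter:  now.AddDate(0, 0, 1), // Valid for one day
		// Fixed identifier: the ASCII bytes of "quickserve".
		SubjectKeyId:          []byte("quickserve"),
		BasicConstraintsValid: true,
		// NOTE(review): IsCA together with KeyUsageCertSign lets this key
		// sign further certificates. Any client that installs this
		// certificate as a trust anchor therefore trusts whatever the server
		// key signs. Kept for compatibility with the original behavior;
		// drop both if nothing relies on CA:TRUE.
		IsCA:        true,
		ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		KeyUsage: x509.KeyUsageKeyEncipherment |
			x509.KeyUsageDigitalSignature | x509.KeyUsageCertSign,
	}

	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return tls.Certificate{}, err
	}

	// Self-signed: the template serves as its own parent.
	der, err := x509.CreateCertificate(rand.Reader, template, template,
		priv.Public(), priv)
	if err != nil {
		return tls.Certificate{}, err
	}

	// Populate Leaf so crypto/tls does not have to re-parse the DER on
	// handshakes; this also confirms the encoded certificate parses cleanly.
	leaf, err := x509.ParseCertificate(der)
	if err != nil {
		return tls.Certificate{}, err
	}

	return tls.Certificate{
		Certificate: [][]byte{der},
		PrivateKey:  priv,
		Leaf:        leaf,
	}, nil
}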
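// Obtain the server certificate. GenX509KeyPair mints a throwaway self-signed
// one; for a certificate that clients can actually validate, load a CA-issued
// pair with tls.LoadX509KeyPair("server.crt", "server.key") instead.
cer, err := GenX509KeyPair()
if err != nil {
	log.Println(err)
	return
}

config := &tls.Config{
	Certificates: []tls.Certificate{cer},
	// Pin the protocol floor explicitly: older Go toolchains accept
	// TLS 1.0/1.1 on the server side when MinVersion is left unset.
	MinVersion: tls.VersionTLS12,
}

// Serve libp2p over secure WebSockets using the TLS config above.
// addrz holds the listen multiaddrs, e.g.
// fmt.Sprintf("/ip6/::/tcp/%d/wss", port).
// NOTE(review): err from libp2p.New is not checked in this excerpt; the
// code that follows must handle it before node is used.
node, err = libp2p.New(
	libp2p.Transport(ws.New, ws.WithTLSConfig(config)),
	libp2p.ListenAddrStrings(addrz...),
)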