-
Notifications
You must be signed in to change notification settings - Fork 1.6k
Node unable to sync via WSS #6208
Comments
Thank you for submitting the issue. Can you please provide more information on which certificate are you using? Here is the Nginx configuration which we used for testing.
Node was started with |
I'm using a Let's Encrypt certificate as well my haproxy configuration is as follows:
You can verify that the ssl certificate is functional at https://boot.stake.plus:32334/ In this section of your nginx configuration, are you forcibly upgrading the connection to a websocket?
|
I attempted to force the websocket/upgrade headers necessary and still receiving the following: frontend/1: SSL handshake failure |
I don't have big experience with Haproxy, But I think the issue is not in Haproxy. Please, check the chainspec, your bootNodes section should look like that:
|
Yes, it's entered like that and I also tested with it manually on the CLI with the --bootnodes options. The weird thing is that I do see that other clients are connecting to that port and connecting without SSL issues. Is there a specific tag or branch I should be using when attempting to compile and test? I'm currently using master.
|
Hmm, how are you planning to compile JS code? Look like we had a misunderstanding.
|
Does that mean it is not intended that a node at boot will use /wss/p2p/ to find its' initial peers? Maybe this is where my confusion is coming from. I expected the node to be able to utilize this /wss/p2p/ endpoint for peer discovery. When deploying bootnodes for inclusion in source for merge, should I include both /p2p/ and /wss/p2p/? Thanks
or
|
/wss/p2p is not supported by Substrate paritytech/substrate#12024 |
I'm attempting to test the WSS listeners needed when operating bootnodes according to new specifications listed here:
https://forum.polkadot.network/t/community-bootnodes-and-snapshot-providers/630/2?u=bkchr
I've deployed haproxy with a SSL frontend to redirect to the listener port defined for WS in the service file. To test the deployment of wss I have compiled a node with only a single defined bootnode in the chain-specs file. When I launch the bootnode it fails to connect and I only see "SSL handshake failure" on the server side. It appears that the node is not attempting to communicate via SSL to the termination point. If I remove the ssl certificate and haproxy everything works correctly and the node is able to retrieve a list of network peers.
To recreate:
Note: My haproxy listens on port 32334 and redirects the decrypted connection to 32335.
The text was updated successfully, but these errors were encountered: