I’m using the package
My problem here is when I set the
'verify_peer' => true the websocket is not working, but then the value is
false it is working. Is there anyone here managed to make this to work?
For production website, I want set the
true to prevent man-in-the-middle attack.
I have a website, lets say aceraven777.com, it already has SSL installed (in the cPanel it has autoSSL enabled).
In the websockets config I entered the same path (the one that cPanel generated) for the certificate and private key.
Below are the settings I used:
'ssl' => [ /* * Path to local certificate file on filesystem. It must be a PEM encoded file which * contains your certificate and private key. It can optionally contain the * certificate chain of issuers. The private key also may be contained * in a separate file specified by local_pk. */ 'local_cert' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_CERT', null), /* * Path to local private key file on filesystem in case of separate files for * certificate (local_cert) and private key. */ 'local_pk' => env('LARAVEL_WEBSOCKETS_SSL_LOCAL_PK', null), /* * Passphrase for your local_cert file. */ 'passphrase' => env('LARAVEL_WEBSOCKETS_SSL_PASSPHRASE', null), 'verify_peer' => true, ],
'pusher' => [ 'driver' => 'pusher', 'key' => env('PUSHER_APP_KEY'), 'secret' => env('PUSHER_APP_SECRET'), 'app_id' => env('PUSHER_APP_ID'), 'options' => [ 'cluster' => env('PUSHER_APP_CLUSTER'), 'host' => env('PUSHER_APP_HOST'), 'port' => env('PUSHER_APP_PORT'), 'useTLS' => true, 'scheme' => 'https', 'curl_options' => [ CURLOPT_SSL_VERIFYHOST => 1, CURLOPT_SSL_VERIFYPEER => 1, ], ], // Configuration for laravel mix JS 'mix' => [ 'host' => env('MIX_PUSHER_APP_HOST'), 'key' => env('MIX_PUSHER_APP_KEY'), 'cluster' => env('MIX_PUSHER_APP_CLUSTER'), 'port' => env('MIX_PUSHER_APP_PORT'), ], ],
Source: Ask PHP