Websocket insecure with balena browser

Firat · February 28, 2024, 3:32pm

Good morning,
I come to you because we have a problem with local websocket connections through balena browser: [GitHub - balena-labs-projects/browser: A drop-in web browser block]

We have embedded electronic cards (C++ applications) which have an unsecured websocket server implementation, therefore with a (ws) connection.
We cannot install an SSL certificate.
Our problem is that the balena browser constantly redirects the http connection to https and therefore the ws connection cannot work.
What solutions can we have to use the websocket connection insecurely through the Balena browser?

Best Regards

alanb128 · February 29, 2024, 3:28am

Hello, does this behavior happen on regular Chromium without the browser block?
Perhaps there is a Chromium switch you can set using the FLAGS / EXTRA_FLAGS variable on the browser block to make it work the way you want: List of Chromium Command Line Switches « Peter Beverloo

Firat · February 29, 2024, 8:24am

Hello @alanb128 , flags do not allow us to have the behavior we want.

alanb128 · March 1, 2024, 3:13am

Have you determined if it’s a Chromium limitation outside the browser block as well?

Firat · March 1, 2024, 8:39am

Yes, everything makes us believe that this is a limitation of chromium.
After some research, we concluded that browsers reject self-signed certificates.
By starting a websocket server with a pkcs12 key, and generating an authority-signed certificate for the client side we managed to resolve the issue in a development environment.
We will try to have the same behavior on a balena environment

alanb128 · March 5, 2024, 4:03am

Glad you found a workaround! Let us know how it goes on the balena platform.