Inquiry Regarding SSL Certificate for WebSocket Connection Error

Mr_Engineer · July 20, 2023, 9:50am

Dear Binance Support Team,

I hope this message finds you well. I am a developer using the Binance Futures API to establish a WebSocket connection for my Node.js application. However, when attempting to connect to the WebSocket endpoint, I encountered the following error:

Error: self signed certificate in certificate chain
    at TLSSocket.onConnectSecure (node:_tls_wrap:1540:34)
    at TLSSocket.emit (node:events:513:28)
    at TLSSocket._finishInit (node:_tls_wrap:959:8)
    at ssl.onhandshakedone (node:_tls_wrap:743:12)
   ...

After investigating the issue, I realized that the error is related to the SSL/TLS certificate being used in the WebSocket connection. My Node.js application is correctly configured, and the error seems to be caused by a self-signed certificate in the certificate chain.

To ensure secure and trustworthy communication between my application and the Binance WebSocket server, I would like to request a valid SSL certificate issued by a trusted Certificate Authority (CA) for your WebSocket endpoint.

Having a trusted SSL certificate would enable my application to establish secure connections without encountering the self-signed certificate error. This is crucial for the production deployment of my application, and it would greatly enhance the security and reliability of the connections.

Could you kindly provide me with the necessary steps or instructions on how to obtain a valid SSL certificate for the WebSocket endpoint? If you could share the certificate details or point me to the appropriate documentation, I would greatly appreciate it.

Thank you for your attention to this matter. If you need any additional information or have any questions, please feel free to reach out to me.

Looking forward to your prompt assistance.

dino · July 25, 2023, 10:47am

It seems that your client machine has some custom SSL certification settings. I would suggest to setup a clean server, e.g. a Ubuntu machine and see if you could make it working with Futures websocket API.

You can also test the websocket connection by running some websocket cli tool, e.g. websocat or just

curl -v -o - --http1.1 \
--include \
--no-buffer \
--header "Connection: Upgrade" \
--header "Upgrade: websocket" \
--header "Host: stream.binance.com:9443" \
--header "Origin: https://stream.binance.com:9443" \
--header "Sec-WebSocket-Key: SGVsbG8sIHdvcmxkIQ==" \
--header "Sec-WebSocket-Version: 13" \
https://stream.binance.com:9443/ws/bnbusdt@ticker

This is making WS connection to Binance Spot webscoket server, but very similar to the futures server.

Mr_Engineer · July 27, 2023, 1:09am

I setting NODE_TLS_REJECT_UNAUTHORIZED environment variable to ‘0’. That error no longer warns. But i have new warning:

(node:2263305) Warning: Setting the NODE_TLS_REJECT_UNAUTHORIZED environment variable to '0' makes TLS connections and HTTPS requests insecure by disabling certificate verification.
(Use `node --trace-warnings ...` to show where the warning was created)

Any problem with this warning when connect websocket to binance futures ?