websocket-connection

Hello all,

I would like to try the testnet to learn the steps of trading digital coins.

Unfortunately I have problems to connect to the websocket testnet.binance.vision:443. The tcp connection works but after that I get an error on the TLS handshake.

Strangely enough I can connect successfully to stream.binance.com:9443. TCP successful → TLS handshake successful.

Are there any differences in the connection from testnet to production ?

What is the sequence when connecting a websocket in testnet ?

Normally tcp → TLS → https initiates websocket

is this correct ?

Hi,

The connection sequence is the same between testnet and production. I just confirmed and both the testnet and production websocket streams are working fine for me at the moment. Make sure you’re using wss://testnet.binance.vision as the Websocket URL for testnet. If you’re still having issues, please post a snippet of your code so I can confirm.

Thanks,

Hello Jonte,

thanks for the quick reply.

Make sure you’re using wss://testnet.binance.vision as the Websocket URL for testnet.

However, my problem is still before the direct connection to the websocket.

If the sequence is correct TCP → TLS → websocket, my connection hangs at the TLS handshake.
I am using C programming language with libssl (3.0.2):
(only the crucial steps)

// DNS to get IP
if( (host = gethostbyname(“testnet.binance.vision”)) == NULL){ printf(“ERROR gethostbyname()\n”);}
ip_ptr = (struct in_addr **)host->h_addr_list;

// set SSL context
if( (mein_ctx = SSL_CTX_new_ex(NULL,NULL,TLS_client_method())) == 0 ){ printf(“Error SSL_CTX_new()\n”); exit(1);}

// normaly TLS 1_3 but stream.binance.com:9443 dont work with TLS 1_3
if( !SSL_CTX_set_max_proto_version(mein_ctx,TLS1_2_VERSION) ){ printf(“Fehler bei SSL_CTX_set_min_proto_version()\n”);}

// set SSL object
if( (mein_ssl = SSL_new(mein_ctx)) == 0 ){ printf(“Fehler bei ssl_new\n”); exit(1);}

// create socket
if( (c_socket = socket(AF_INET, SOCK_STREAM, 0)) <= 0){ printf(“Fehler bei socket()\n”); exit(1);}
address.sin_family = AF_INET;
address.sin_port = htons(443);
inet_aton(ip_zeiger,&address.sin_addr);

// connect TCP
if( (connect( c_socket, (struct sockaddr *) &address, sizeof(address)) != 0)){ printf(“Fehler bei connect tcp\n”); exit(1);}
else{ printf(“connection ok\n”);}

// set socket to SSL object and connect
if( SSL_set_fd(mein_ssl, c_socket) > 1 ){ printf(“Fehler bei set_fd()\n”); exit(1);}

if( (conn = SSL_connect(mein_ssl)) == 0 ){ printf(“cracefull SSL shutdown\n”); exit(1);}
else if( conn < 0){ printf(“SSL bad shutdown: %i\n”,conn);
error = SSL_get_error(mein_ssl,conn);
printf(“error: %i\n”,error);
}

You can use ERR_get_error_all() to print more details about the TLS error.

I’d guess that your CA bundle might not have the root certificate used by *.binance.vision (Amazon), but there is one for *.binance.com (DigiCert).

if my system connect to *.binance.com the server is sending an certificate-chain …

Screenshot from 2023-07-24 14-39-541825×580 138 KB

if my system connect to *binance.vision the server is aborting directly

Screenshot from 2023-07-24 14-41-051825×580 110 KB

Hello all,

i have found the difference between the testnet and the productive one.

to connect to the testnet i have to specify the server name specifically:

SSL_set_tlsext_host_name(mein_ssl,“testnet.binance.vision”);

Should I use this later in the productive environment as well or does this only apply to the testnet ?

In any case, the fact is that the handshake works like this.