How to configure a Netcode server with secured Websocket?

Hello everyone,

I’m having trouble configuring a WebGL app to connect to a remote Unity server on an HTTPS website. I’m using Netcode for GameObjects for the networking logic. The server is a standard Debian setup.

The setup works fine over plain HTTP (port 80). The WebGL app loads via an nginx reverse proxy to port 8080 (where I’m running a Node.js server for WebGL). The client then connects to the Unity server at <my server IP>:7777 without any issues.

However, once I switch to HTTPS, things start to break down. The WebGL app still loads without any problem, but when it attempts to connect to the Unity server, I receive the following error:

SecurityError: Failed to construct ‘WebSocket’: An insecure WebSocket connection may not be initiated from a page loaded over HTTPS.

I’ve tried several things:

  • Setting up reverse proxies in nginx to handle WebSocket traffic.
  • Enabling and disabling Unity Transport encryption.
  • Using domain names instead of IP addresses.
  • Hardcoding my SSL certificate and keys using SetClientSecrets and SetServerSecrets in Unity Transport.

Nothing seems to work so far.

Does anyone have documentation, examples, or a step-by-step tutorial on how to correctly set this up? I’m not sure what the best approach is at this point.

Thanks in advance for any help!

Im not sure why you’re using reverse proxy, but, are you using a self signed cerfiticate? I setup my server and used a https based remote site to store the join code, so that the client could pickup the code and join without user intervention, due to an authorative certificate, it was fine.

What’s your current transport setup code that leads to this failure?

The error message seems to indicate that your are not using the secure websockets protocol. You choose that by entering “wss” as the connection type, not “dtls”. This is assuming that you are using SetRelayServerData.

You may have to provide your secrets on top of that too.

Thanks people, I’ve finally manage to make it work by configuring the SecureParameters in UnityTransport.

This page should be a good starting point if someone is struggling with the same issue : Create a secure client and server | Unity Multiplayer Networking

You need to check Use Encryption in Unity transport.
In the SecureParameters script, your server common name should be the same than in your certificate configuration (so usually just your domain name).

I used the same config than I used when it was on simple http.
Works great now!
Thank you to everyone who helped :slight_smile: