How to create Python secure websocket client request?

If anyone is curious in the future why wss python server fails is because of this right here in the tornado documentation:

When using a secure websocket connection (wss://) with a self-signed certificate, the connection from a browser may fail because it wants to show the “accept this certificate” dialog but has nowhere to show it. You must first visit a regular HTML page using the same certificate to accept it before the websocket connection will succeed.


For me, ignoring the errors is not an options, I had to use my self signed certificate because of SSL pinning in a complex IoT environment:

import asyncio
import pathlib
import ssl
import websockets

ssl_context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
localhost_pem = pathlib.Path(__file__).with_name("localhost.pem")
ssl_context.load_verify_locations(localhost_pem)

async def hello():
    uri = "wss://localhost:8765"
    async with websockets.connect(
        uri, ssl=ssl_context
    ) as websocket:
        name = input("What's your name? ")

        await websocket.send(name)
        print(f"> {name}")

        greeting = await websocket.recv()
        print(f"< {greeting}")

asyncio.get_event_loop().run_until_complete(hello())

Found it here on the websocket repo's examples folder.

P.S

I changed it from SSLContext(ssl.PROTOCOL_TLS_CLIENT) to SSLContext(ssl.PROTOCOL_TLSv1_2) to make it work


Finally I found a solution, I updated python client script while making connection to secure web socket url to ignore cert request as follows:

 import ssl
 import websocket

 ws = websocket.WebSocket(sslopt={"cert_reqs": ssl.CERT_NONE})
 ws.connect("wss://xxx.com:9090/websocket")